Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/02/10 12:54 p.m.5 views

cpython: Excessive read buffering DoS in http.client

A flaw was found in the http.client module in the Python standard library. When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This issue allows a malicious server to cause the client to read large amounts of data into...

7.5CVSS5.7AI score0.01525EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/10/16 3:16 p.m.4 views

JDK: HTTP client improper handling of maxHeaderSize (8328286)

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23;...

3.7CVSS7.4AI score0.01018EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/07/20 12:12 p.m.3 views

OpenJDK: HTTP client insufficient file name validation (8302475)

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle...

3.1CVSS7.3AI score0.00866EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/10/23 7:44 a.m.4 views

OpenJDK: HTTP client insufficient check for newline in URLs (Networking, 8176751)

It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additiona...

4.3CVSS7.3AI score0.02199EPSS
Exploits0References4
Rows per page
Query Builder