11 matches found
CVE-2026-3644
The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output validation applie...
EUVD-2013-1271
Malware in sbrugna...
EUVD-2013-1272
Malware in sbrugna...
EUVD-2024-3214
Malicious code in bioql PyPI...
[SECURITY] Fedora 40 Update: mingw-libsoup-2.74.3-11.fc40
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...
[SECURITY] Fedora 41 Update: mingw-libsoup-2.74.3-11.fc41
Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...
UBUNTU-CVE-2025-43859
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires...
CVE-2023-51714
An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check...
SUSE-SU-2021:0932-1 Security update for nghttp2
This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2020-11080: HTTP/2 Large Settings Frame DoS bsc1181358. - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service bsc1146184. - CVE-2019-9511: Fixed...
Design/Logic Flaw
The HTTP implementation in Cisco WebEx Node for MCS, WebEx Meetings Server, and WebEx Node for ASR 1000 Series allows remote attackers to read the contents of uninitialized memory locations via a crafted request, aka Bug IDs CSCue36672, CSCue31363, CSCuf17466, and CSCug61252...
KPMG-2002034: Jigsaw Webserver DOS device DoS
-------------------------------------------------------------------- Title: Jigsaw Webserver DOS device DoS BUG-ID: 2002034 Released: 17th Jul 2002 -------------------------------------------------------------------- Problem: ======== A malicious user can tie up working threads on the web server...