267 matches found
Alibaba Cloud Linux 3 : 0055: http-parser (ALINUX3-SA-2022:0055)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0055 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-15605: HTTP request smuggling in Node.js 1...
OESA-2025-1346 python-aiohttp security update
Async http client/server framework asyncio. Security Fixes: aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. The HTTP parser in AIOHTTP has numerous problems with header parsing, which could lead to request smuggling. This parser is only used when AIOHTTPNOEXTENSION...
Denial Of Service (DoS)
Passenger is vulnerable to Denial Of Service DoS. The vulnerability is due to an issue in the HTTP parser during the parsing of a request with an invalid HTTP method, allowing an attacker to exploit this issue...
BIT-PASSENGER-2025-26803
The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method...
BIT-PASSENGER-NGINX-MODULE-2025-26803
The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method...
BIT-PASSENGER-APACHE-MODULE-2025-26803
The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method...
CVE-2025-26803
The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method...
CVE-2025-26803
The http parser in Phusion Passenger 6.0.21 through 6.0.25 before 6.0.26 allows a denial of service during parsing of a request with an invalid HTTP method...
[SECURITY] [DLA 4041-1] python-aiohttp security update
Debian LTS Advisory DLA-4041-1 [email protected] https://www.debian.org/lts/security/ Jochen Sprickerhof February 03, 2025 https://wiki.debian.org/LTS Package : python-aiohttp Version : 3.7.4-1+deb11u1 CVE ID : CVE-2023-47627 CVE-2023-47641 CVE-2023-49081 CVE-2023-49082 CVE-2024-23334...
Debian dla-4041 : python-aiohttp-doc - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4041 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4041-1 [email protected]...
PT-2025-21254 · Node.Js +5 · Llhttp +6
Name of the Vulnerable Software and Affected Versions: Node.js versions prior to the llhttp v9 upgrade node-undici in Debian Linux affected versions not specified Description: A flaw in the HTTP parser of Node.js allows improper termination of HTTP/1 headers using r rX instead of the required r r...
RHSA-2019:2258 Red Hat Security Advisory: http-parser security update
Bulletin has no description...
RHSA-2019:3497 Red Hat Security Advisory: http-parser security and bug fix update
Bulletin has no description...
RHSA-2020:1510 Red Hat Security Advisory: http-parser security update
Bulletin has no description...
RHSA-2020:0707 Red Hat Security Advisory: http-parser security update
Bulletin has no description...
RHSA-2020:0708 Red Hat Security Advisory: http-parser security update
Bulletin has no description...
RHSA-2020:0703 Red Hat Security Advisory: http-parser security update
Bulletin has no description...
RHSA-2017:0002 Red Hat Security Advisory: rh-nodejs4-nodejs and rh-nodejs4-http-parser security update
Bulletin has no description...
aiohttp < 3.9.2 Multiple Vulnerabilities - Linux
aiohttp is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aio-libsproject:aiohttp";...
aiohttp < 3.9.2 Multiple Vulnerabilities - Windows
aiohttp is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aio-libsproject:aiohttp";...