
RedhatCVE
added 2026/03/12 10:12 p.m., 6 views

CVE-2026-1525

A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a...

CVSS 9.8, AI score 5.7, EPSS 0.00493
Exploits 0, References 8

OSV
added 2026/03/12 9:16 p.m., 7 views

UBUNTU-CVE-2026-1527

Impact: When an application passes user-controlled input to the upgrade option of client.request, an attacker can inject CRLF sequences (\r\n) to: inject arbitrary HTTP headers; terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch). The...

CVSS 4.6, AI score 5.9, EPSS 0.00256
Exploits 0, References 2

OSV
added 2026/03/12 8:57 p.m., 4 views

GO-2026-4686 AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass in github.com/AdguardTeam/AdGuardHome

AdGuard Home: HTTP/2 Cleartext (h2c) Upgrade Authentication Bypass in github.com/AdguardTeam/AdGuardHome...

CVSS 9.8, AI score 5.8, EPSS 0.00735
Exploits 2, References 2

Snyk
added 2026/03/12 8:17 p.m., 2 views

CRLF Injection

Overview: undici is an HTTP/1.1 client, written from scratch for Node.js. Affected versions of this package are vulnerable to CRLF Injection via the upgrade option of the client.request function. An attacker can inject malicious data into HTTP headers or prematurely terminate HTTP requests by...

CVSS 6.5, AI score 5.9, EPSS 0.00256
Exploits 0, References 2

ATTACKERKB
added 2026/03/12 8:17 p.m., 10 views

CVE-2026-1527

Impact: When an application passes user-controlled input to the upgrade option of client.request, an attacker can inject CRLF sequences (\r\n) to: inject arbitrary HTTP headers; terminate the HTTP request prematurely and smuggle raw data to non-HTTP services (Redis, Memcached, Elasticsearch). The...

CVSS 4.6, AI score 5.9, EPSS 0.00256
Exploits 0, References 4

OSV
added 2026/03/12 8:16 p.m., 5 views

DEBIAN-CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

CVSS 6.5, AI score 5.3, EPSS 0.00207
Exploits 0, References 1

NVD
added 2026/03/12 8:16 p.m., 5 views

CVE-2026-1525

Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names (e.g., Content-Length and content-length). This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire. Who is impacted: Applications...

CVSS 9.8, EPSS 0.00493
Exploits 0, References 5

OSV
added 2026/03/12 8:16 p.m., 6 views

UBUNTU-CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

CVSS 6.5, AI score 5.8, EPSS 0.00207
Exploits 0, References 3

UbuntuCve
added 2026/03/12 8:16 p.m., 3 views

CVE-2026-1525

Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names (e.g., Content-Length and content-length). This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire. Who is impacted: Applications...

CVSS 9.8, AI score 5.9, EPSS 0.00493
Exploits 0, References 1

Snyk
added 2026/03/12 7:56 p.m., 6 views

HTTP Request Smuggling

Overview: org.webjars.npm:undici is an HTTP/1.1 client, written from scratch for Node.js. Affected versions of this package are vulnerable to HTTP Request Smuggling in the processHeader while handling HTTP/1.1 requests containing duplicate Content-Length headers with differing casing. An attacke...

CVSS 9.8, AI score 5.8, EPSS 0.00493
Exploits 0, References 2

Snyk
added 2026/03/12 7:56 p.m., 9 views

HTTP Request Smuggling

Overview: undici is an HTTP/1.1 client, written from scratch for Node.js. Affected versions of this package are vulnerable to HTTP Request Smuggling in the processHeader while handling HTTP/1.1 requests containing duplicate Content-Length headers with differing casing. An attacker can bypass...

CVSS 9.8, AI score 5.8, EPSS 0.00493
Exploits 0, References 2

ATTACKERKB
added 2026/03/12 7:56 p.m., 8 views

CVE-2026-1525

Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names (e.g., Content-Length and content-length). This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire. Who is impacted: Applications...

CVSS 6.5, AI score 5.8, EPSS 0.00493
Exploits 0, References 6

CVE
added 2026/03/12 7:35 p.m., 17 views

CVE-2026-32240

Cap'n Proto prior to 1.4.0 has a vulnerability where, with Transfer-Encoding: chunked, a chunk size parsed to >= 2^64 would be truncated to 64 bits, potentially enabling HTTP request/response smuggling. The issue affects Cap'n Proto's chunked transfer handling and is fixed in 1.4.0. According ...

CVSS 6.5, AI score 5.8, EPSS 0.00207
Exploits 0, References 5, Affected Software 1

Vulnrichment
added 2026/03/12 7:35 p.m., 4 views

CVE-2026-32240 Cap'n Proto: Integer overflow in KJ-HTTP chunk size

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, when using Transfer-Encoding: chunked, if a chunk's size parsed to a value of 2^64 or larger, it would be truncated to a 64-bit integer. In theory, this bug could enable HTTP request/response smuggling. This...

CVSS 6.3, AI score 5.8, EPSS 0.00207
Exploits 0, References 5

Debian CVE
added 2026/03/12 7:35 p.m., 5 views

CVE-2026-32240

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, when using Transfer-Encoding: chunked, if a chunk's size parsed to a value of 2^64 or larger, it would be truncated to a 64-bit integer. In theory, this bug could enable HTTP request/response smuggling. This...

CVSS 6.5, AI score 5.3, EPSS 0.00207
Exploits 0

Vulnrichment
added 2026/03/12 7:33 p.m., 4 views

CVE-2026-32239 Cap'n Proto has an integer overflow in KJ-HTTP

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

CVSS 6.3, AI score 5.8, EPSS 0.00207
Exploits 0, References 5

CVE
added 2026/03/12 7:33 p.m., 36 views

CVE-2026-32239

Cap'n Proto prior to 1.4.0 mishandles a negative Content-Length value by converting it to unsigned, effectively allowing an HTTP request/response smuggling vector. The issue affects Cap'n Proto's data interchange/RPC handling where untrusted HTTP boundaries could be exploited. The vulnerability i...

CVSS 6.5, AI score 5.8, EPSS 0.00207
Exploits 0, References 5, Affected Software 1

OSV
added 2026/03/12 7:33 p.m., 7 views

CVE-2026-32239 Cap'n Proto has an integer overflow in KJ-HTTP

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

CVSS 6.3, AI score 5.8, EPSS 0.00207
Exploits 0, References 7

Cvelist
added 2026/03/12 7:33 p.m., 25 views

CVE-2026-32239 Cap'n Proto has an integer overflow in KJ-HTTP

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

CVSS 6.3, EPSS 0.00207
Exploits 0, References 5

Debian CVE
added 2026/03/12 7:33 p.m., 5 views

CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

CVSS 6.5, AI score 5.3, EPSS 0.00207
Exploits 0