21 matches found
CVE-2026-4742
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in visualfc liteide liteidex/src/3rdparty/qjsonrpc/src/http-parser modules. This vulnerability is associated with program files httpparser.C. This issue affects liteide: before x38.4...
CVE-2026-4742
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in visualfc liteide liteidex/src/3rdparty/qjsonrpc/src/http-parser modules. This vulnerability is associated with program files httpparser.C. This issue affects liteide: before x38.4...
CVE-2026-4742 HTTP Request Smuggling in visualfc/liteide
Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in visualfc liteide liteidex/src/3rdparty/qjsonrpc/src/http-parser modules. This vulnerability is associated with program files httpparser.C. This issue affects liteide: before x38.4...
CVE-2018-7159 affecting package rubygem-http_parser for versions less than 0.8.0-1
CVE-2018-7159 affecting package rubygem-httpparser for versions less than 0.8.0-1. A patched version of the package is available...
Fedora: Security Advisory for llhttp (FEDORA-2024-5dc487ee89)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-2f15e6e876)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: llhttp-9.2.1-1.fc38
This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...
[SECURITY] Fedora 39 Update: llhttp-9.2.1-1.fc39
This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...
[SECURITY] Fedora 40 Update: llhttp-9.2.1-1.fc40
This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...
CVE-2024-23452
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
CVE-2024-23452 Apache bRPC: HTTP request smuggling vulnerability
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
CVE-2024-23452 Apache bRPC: HTTP request smuggling vulnerability
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
[SECURITY] Fedora 39 Update: llhttp-9.1.3-1.fc39
This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...
[SECURITY] Fedora 37 Update: llhttp-8.1.1-1.fc37
This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...
Fedora: Security Advisory for llhttp (FEDORA-2023-105880e618)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: llhttp-8.1.1-1.fc38
This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...
[SECURITY] Fedora 37 Update: llhttp-6.0.10-1.fc37
This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...
Node.js: HTTP header values do not have trailing OWS trimmed
I suspect I may have tagged the wrong vulnerability type -I'm failing to find "insufficient validation of user input" According to the HTTP-spec, http values are field-value = field-content | LWS httpparser does not appear to trim trailing LWS. This means if a user sends "Host: foo\r\n" the strin...
AZL-40842 CVE-2018-7159 affecting package rubygem-http_parser for versions less than 0.8.0-1
The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the Node.js HTTP parser has been...
openSUSE Security Update : libtorrent-rasterbar (openSUSE-2016-774)
This update for libtorrent-rasterbar fixes the following issues : - CVE-2016-5301: Crash on invalid input in httpparser could have allowed a remote attacker to perform a denial of service attack boo983228. In addition, the package was updated to 1.0.9 / 1.16.19, fixing various upstream bugs...