Lucene search
+L

22 matches found

nvd
nvd
added 2026/03/24 4:17 a.m.8 views

CVE-2026-4742

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in visualfc liteide liteidex/src/3rdparty/qjsonrpc/src/http-parser modules. This vulnerability is associated with program files httpparser.C. This issue affects liteide: before x38.4...

6.3CVSS0.00207EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/24 3:24 a.m.28 views

CVE-2026-4742 HTTP Request Smuggling in visualfc/liteide

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in visualfc liteide liteidex/src/3rdparty/qjsonrpc/src/http-parser modules. This vulnerability is associated with program files httpparser.C. This issue affects liteide: before x38.4...

6.3CVSS0.00207EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/03/24 3:24 a.m.2 views

CVE-2026-4742

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in visualfc liteide liteidex/src/3rdparty/qjsonrpc/src/http-parser modules. This vulnerability is associated with program files httpparser.C. This issue affects liteide: before x38.4...

6.3CVSS5.8AI score0.00207EPSS
Exploits0References2
osv
osv
added 2026/03/24 3:24 a.m.3 views

CVE-2026-4742 HTTP Request Smuggling in visualfc/liteide

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in visualfc liteide liteidex/src/3rdparty/qjsonrpc/src/http-parser modules. This vulnerability is associated with program files httpparser.C. This issue affects liteide: before x38.4...

6.3CVSS5.9AI score0.00207EPSS
Exploits0References4
cbl_mariner
cbl_mariner
added 2024/07/24 1:52 a.m.6 views

CVE-2018-7159 affecting package rubygem-http_parser for versions less than 0.8.0-1

CVE-2018-7159 affecting package rubygem-httpparser for versions less than 0.8.0-1. A patched version of the package is available...

5.3CVSS9.1AI score0.03621EPSS
Exploits0
openvas
openvas
added 2024/05/27 12:0 a.m.17 views

Fedora: Security Advisory for llhttp (FEDORA-2024-5dc487ee89)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.4AI score0.01155EPSS
Exploits0References2
openvas
openvas
added 2024/05/27 12:0 a.m.16 views

Fedora: Security Advisory (FEDORA-2024-2f15e6e876)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.4AI score0.01155EPSS
Exploits0References4
fedora
fedora
added 2024/04/20 2:14 a.m.30 views

[SECURITY] Fedora 38 Update: llhttp-9.2.1-1.fc38

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

6.5CVSS6.4AI score0.01155EPSS
Exploits0
fedora
fedora
added 2024/04/20 1:3 a.m.29 views

[SECURITY] Fedora 39 Update: llhttp-9.2.1-1.fc39

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

6.5CVSS6.4AI score0.01155EPSS
Exploits0
fedora
fedora
added 2024/04/19 9:44 p.m.32 views

[SECURITY] Fedora 40 Update: llhttp-9.2.1-1.fc40

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

6.5CVSS6.4AI score0.01155EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/02/08 9:0 a.m.21 views

CVE-2024-23452 Apache bRPC: HTTP request smuggling vulnerability

Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...

7.5AI score0.01637EPSS
Exploits0References4
cvelist
cvelist
added 2024/02/08 9:0 a.m.24 views

CVE-2024-23452 Apache bRPC: HTTP request smuggling vulnerability

Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...

7.7AI score0.01637EPSS
Exploits0References4
osv
osv
added 2024/02/08 9:0 a.m.33 views

CVE-2024-23452 Apache bRPC: HTTP request smuggling vulnerability

Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...

7.5CVSS7AI score0.01637EPSS
Exploits0References6
fedora
fedora
added 2023/12/07 2:9 a.m.27 views

[SECURITY] Fedora 39 Update: llhttp-9.1.3-1.fc39

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js...

7.5CVSS6.4AI score0.00857EPSS
Exploits1
fedora
fedora
added 2023/08/17 12:34 a.m.37 views

[SECURITY] Fedora 37 Update: llhttp-8.1.1-1.fc37

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...

7.5CVSS7.8AI score0.03906EPSS
Exploits1
openvas
openvas
added 2023/08/17 12:0 a.m.29 views

Fedora: Security Advisory for llhttp (FEDORA-2023-105880e618)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.03906EPSS
Exploits1References2
fedora
fedora
added 2023/08/07 1:27 a.m.37 views

[SECURITY] Fedora 38 Update: llhttp-8.1.1-1.fc38

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...

7.5CVSS5.2AI score0.03906EPSS
Exploits1
fedora
fedora
added 2022/11/10 10:41 p.m.19 views

[SECURITY] Fedora 37 Update: llhttp-6.0.10-1.fc37

This project is a port of httpparser to TypeScript. llparse is used to generate the output C source file, which could be compiled and linked with the embedder's program like Node.js. This copy of the library is compiled with LLHTTPSTRICTMODE set to 0 disabled, which is the default...

7.2AI score
Exploits0
hackerone
hackerone
added 2019/11/06 5:46 p.m.77 views

Node.js: HTTP header values do not have trailing OWS trimmed

I suspect I may have tagged the wrong vulnerability type -I'm failing to find "insufficient validation of user input" According to the HTTP-spec, http values are field-value = field-content | LWS httpparser does not appear to trim trailing LWS. This means if a user sends "Host: foo\r\n" the strin...

7.5CVSS8.8AI score0.20041EPSS
Exploits1
osv
osv
added 2018/05/17 2:29 p.m.5 views

AZL-40842 CVE-2018-7159 affecting package rubygem-http_parser for versions less than 0.8.0-1

The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the Node.js HTTP parser has been...

5.3CVSS6.5AI score0.03621EPSS
Exploits0References1
Rows per page
Query Builder