h11 accepts some malformed Chunked-Encoding bodies

h11 reports: h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since...

squid: Request/Response smuggling in HTTP/1.1 and ICAP

SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems...

node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery

A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature...

node-forge: Signature verification leniency in checking `digestAlgorithm` structure can lead to signature forgery

A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature...

node-forge: Signature verification failing to check tailing garbage bytes can lead to signature forgery

A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature...

CVE-2022-24772

A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature...

CVE-2022-24771

A flaw was found in the node-forge package. This signature verification leniency allows an attacker to forge a signature...