
8 matches found

Snyk
added 2025/04/08 7:46 p.m. | 3 views

HTTP Request Smuggling

Overview: std/net/http/internal is a Go standard library package. Affected versions of this package are vulnerable to HTTP Request Smuggling. Go Vulnerability Report: The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This c...

CVSS 9.3 | AI score 6.9 | EPSS 0.00724
Exploits: 0 | References: 3

SUSE CVE
added 2023/02/15 6:12 a.m. | 3 views

SUSE CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

CVSS 7.8 | AI score 6.9 | EPSS 0.02092
Exploits: 1 | References: 3

OSV
added 2021/10/12 4:15 p.m. | 3 views

UBUNTU-CVE-2021-41136

Puma is an HTTP 1.1 server for Ruby/Rack applications. Prior to versions 5.5.1 and 4.3.9, using puma with a proxy which forwards HTTP header values which contain the LF character could allow HTTP request smuggling. A client could smuggle a request through a proxy, causing the proxy to send a...

CVSS 3.7 | AI score 6.7 | EPSS 0.01119
Exploits: 0 | References: 4

CNVD
added 2019/08/12 12:0 a.m. | 1 views

Unspecified vulnerability in cPanel (CNVD-2019-27408)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions prior to cPanel 57.9999.105. An attacker could exploit the vulnerability to...

CVSS 7.5 | AI score 6.7 | EPSS 0.0088
Exploits: 0 | References: 1

OSV
added 2015/01/08 8:0 a.m. | 10 views

CURL-CVE-2014-8150 URL request injection

When libcurl sends a request to a server via an HTTP proxy, it copies the entire URL into the request and sends it off. If the given URL contains line feeds and carriage returns, those are sent along to the proxy too, which allows the program to, for example, send a separate HTTP request injected...

CVSS 4.3 | AI score 7 | EPSS 0.0681
Exploits: 0

OSV
added 2007/04/13 6:19 p.m. | 1 views

DEBIAN-CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

CVSS 7.8 | AI score 6.9 | EPSS 0.02092
Exploits: 1 | References: 1

ATTACKERKB
added 2007/04/13 6:19 p.m. | 3 views

CVE-2007-2026

The gnu regular expression code in file 4.20 allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted document with a large number of line feed characters, which is not well handled by OS/2 REXX regular expressions that use wildcards, as originally reported fo...

CVSS 7.8 | AI score 5.6 | EPSS 0.02092
Exploits: 1 | References: 14

UbuntuCve
added 2005/11/29 11:3 a.m. | 29 views

CVE-2005-3883

CRLF injection vulnerability in the mb_send_mail function in PHP before 5.1.0 might allow remote attackers to inject arbitrary e-mail headers via line feeds (LF) in the "To" address argument...

CVSS 5 | AI score 6.1 | EPSS 0.03052
Exploits: 0 | References: 2