CVE-2026-26962

Rack is a modular Ruby web server interface. From version 3.2.0 to before version 3.2.6, Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an obs-fold sequence, Rack preserves the embedded CRLF in parsed parameter values such as filename o...

Linux Distros Unpatched Vulnerability : CVE-2017-5660

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in Apache Traffic Server ATS 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when...

CVE-2025-32094

An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai...

CVE-2017-5660

There is a vulnerability in Apache Traffic Server ATS 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used...

CVE-2017-5660

There is a vulnerability in Apache Traffic Server ATS 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used...

CVE-2017-5660

There is a vulnerability in Apache Traffic Server ATS 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used...

CVE-2017-5660

There is a vulnerability in Apache Traffic Server ATS 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used...

CVE-2017-5660

There is a vulnerability in Apache Traffic Server ATS 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used...

CVE-2017-5660

CVE-2017-5660 affects Apache Traffic Server (ATS) versions 6.2.0 and earlier and 7.0.0 and earlier due to a Host header/line folding issue that can interact with upstream proxies and cause the wrong host to be used. Several sources describe an input-validation/host-header vulnerability with poten...

CVE-2015-8935

The sapiheaderop function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows remote attackers to conduct cross-site scripting XSS attacks against Internet Explorer by leveraging ...