Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/03/12 2:24 p.m.3 views

CVE-2026-31870

A flaw was found in cpp-httplib. A remote attacker, acting as a malicious server or through a man-in-the-middle position, can send a specially crafted HTTP response with a malformed Content-Length header. This lack of input validation and exception handling causes the client application to crash,...

7.5CVSS5.8AI score0.00453EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/11 5:57 p.m.3 views

CVE-2026-31870 cpp-httplib Affected by Remote Process Crash via Malformed Content-Length Response Header

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.1, when a cpp-httplib client uses the streaming API httplib::stream::Get, httplib::stream::Post, etc., the library calls std::stoull directly on the Content-Length header value received from the server...

7.5CVSS5.7AI score0.00453EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/14 8:5 a.m.8 views

CVE-2025-41706 Phoenix Contact: Webserver Denial of Service through Malformed Content-Length

The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functionality...

5.3CVSS0.01696EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.3 views

CVE-2023-0587

A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory...

9.1CVSS9.4AI score0.59585EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/01/25 7:51 a.m.3 views

haproxy: Proxy forwards malformed empty Content-Length headers

A flaw was found in HAProxy. Empty Content-Length headers are forwarded, which could cause an HTTP/1 server behind it to interpret the payload as an extra request. This may render the HTTP/1 server vulnerable to attacks in some uncommon cases...

7.2CVSS5.7AI score0.01815EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.7 views

CVE-2022-42252 Apache Tomcat request smuggling via malformed content-length

If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false the default for 8.5.x only, Tomcat did not reject a request containing an invalid Content-Length header making a...

7.6AI score0.01448EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2002/11/27 12:0 a.m.38 views

Savant Web Server Malformed Content-Length DoS

The Savant web server on the remote host crashes when it receives an invalid GET HTTP request with a negative Content-Length field. A remote attacker can leverage this issue to disable the affected service. C Tenable Network Security, Inc. References: Date: Fri, 13 Sep 2002 19:55:05 +0000 From...

5CVSS5.6AI score0.06919EPSS
Exploits0References2
Rows per page
Query Builder