Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2026/06/15 8:46 p.m.7 views

Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted

Summary Before reading the first request-line, HttpObjectDecoder skips every byte for which Character.isISOControlb is true 0x00–0x1F and 0x7F as well as all whitespace. RFC 9112 §2.2 only asks servers to ignore empty CRLF lines preceding the request-line — a carefully scoped robustness allowance...

5.3CVSS5.3AI score0.00232EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-0115

Malware in sbrugna...

6.1CVSS6.1AI score0.00811EPSS
Exploits0References6
OSV
OSV
added 2022/05/24 5:18 p.m.9 views

GHSA-63H2-9CC8-FC7M meinheld vulnerable to HTTP Request Smuggling

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing...

6.1CVSS6.2AI score0.00686EPSS
Exploits0References9
OSV
OSV
added 2020/05/22 4:15 p.m.19 views

CVE-2020-7658

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing...

6.1CVSS6.3AI score
Exploits0References2
OSV
OSV
added 2020/05/21 3:15 p.m.18 views

CVE-2020-7655

netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks...

6.1CVSS6.3AI score
Exploits0References1
PyPA
PyPA
added 2020/05/21 3:15 p.m.10 views

PYSEC-2020-242

netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks...

6.1CVSS7AI score0.00811EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder