Lucene search

17 matches found

Positive Technologies
added 2026/05/29 12:0 a.m. · 7 views

PT-2026-44752

A flaw was found in libsoup. A remote attacker could exploit an unsigned-to-signed conversion error in the soup_body_input_stream_read_chunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of ...

CVSS 4.8 · AI score 5.8 · EPSS 0.00055
Exploits 0 · References 4

OSV
added 2026/05/15 4:17 p.m. · 3 views

CLSA-2026-1778847162 httpd: Fix of CVE-2026-28780

CVE-2026-28780: heap-based buffer overflow in ajp_msg_check_header in mod_proxy_ajp when proxying to a malicious AJP backend that returns an oversized response, allowing a 4-byte out-of-bounds write past the heap buffer...

CVSS 9.8 · AI score 6 · EPSS 0.00024
Exploits 0 · References 1

RedHat Linux
added 2026/01/29 11:23 a.m. · 4 views

libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the...

CVSS 8.2 · AI score 5.8 · EPSS 0.00024
Exploits 0 · References 5

NVD
added 2025/10/22 10:15 a.m. · 1 views

CVE-2025-11915

Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action...

CVSS 6.9 · EPSS 0.00062
Exploits 0 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-10703

Malware in sbrugna...

CVSS 6.5 · AI score 6.6 · EPSS 0.00071
Exploits 0 · References 10

RedHat Linux
added 2024/09/05 2:13 p.m. · 0 views

grpc: client communicating with a HTTP/2 proxy can poison the HPACK table between the proxy and the backend

A flaw was found in Google gRPC due to HPACK table poisoning between the proxy and backend so that other clients see failed requests, resulting in a denial of service. This occurs because the error status for a misencoded header is not cleared between header reads, resulting in subsequent...

CVSS 6.3 · AI score 5.7 · EPSS 0.00038
Exploits 1 · References 5

SUSE CVE
added 2024/08/07 2:55 a.m. · 1 views

SUSE CVE-2024-7246

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients' HTTP header keys, but not values. This occurs because the...

CVSS 5.8 · AI score 6.8 · EPSS 0.00038
Exploits 1 · References 9

OSV
added 2024/08/06 11:16 a.m. · 1 views

AZL-47571 CVE-2024-7246 affecting package grpc 1.42.0-11

It's possible for a gRPC client communicating with a HTTP/2 proxy to poison the HPACK table between the proxy and the backend such that other clients see failed requests. It's also possible to use this vulnerability to leak other clients' HTTP header keys, but not values. This occurs because the...

CVSS 6.3 · AI score 6.6 · EPSS 0.00038
Exploits 1 · References 1

Snyk
added 2023/08/09 1:46 p.m. · 1 views

Excessive Iteration

Overview: Affected versions of this package are vulnerable to Excessive Iteration. Specially crafted requests can cause a termination of connection between a proxy and a backend. Remediation: Upgrade grpc to version 1.53.2, 1.54.3, 1.55.2, 1.56.2 or higher. References: Advisory, GitHub Commit...

CVSS 7.5 · AI score 6.9 · EPSS 0.00116
Exploits 0 · References 2

CNNVD
added 2023/08/09 12:0 a.m. · 1 views

gRPC Security Vulnerabilities

gRPC is a modern, open-source, high-performance remote procedure call (RPC) framework from gRPC Open Source. A security vulnerability exists in gRPC that stems from the fact that a malicious request may cause the connection between the proxy and the backend to terminate...

CVSS 7.5 · AI score 6.9 · EPSS 0.00116
Exploits 0 · References 4

OSV
added 2023/07/05 7:12 p.m. · 1 views

GHSA-CFGP-2977-2FMM Connection confusion in gRPC

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this...

CVSS 7.4 · AI score 6.8 · EPSS 0.00075
Exploits 0 · References 9

SUSE CVE
added 2023/02/15 4:54 a.m. · 1 views

SUSE CVE-2016-9916

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend...

CVSS 6.5 · AI score 8.5 · EPSS 0.00071
Exploits 0 · References 4

CNNVD
added 2021/03/01 12:0 a.m. · 1 views

fastify-reply-from input validation error vulnerability

fastify-reply-from is an open source application by Matteo Collina. It is used to forward the current HTTP request to another server. A security vulnerability exists in fastify-reply-from before version 4.0.2, which can be exploited to escape the prefix of a proxy backend service by...

CVSS 10 · AI score 8.3 · EPSS 0.0042
Exploits 0 · References 8

Veracode
added 2020/09/21 6:23 a.m. · 21 views

Denial Of Service (DoS)

QEMU is vulnerable to denial of service. A memory leak in hw/9pfs/9p-proxy.c allows local privileged guest OS users to crash the application via a missing cleanup operation in the proxy backend...

CVSS 6.5 · AI score 5.6 · EPSS 0.00071
Exploits 0 · References 8 · Affected Software 1

Prion
added 2016/12/29 10:59 p.m. · 19 views

Memory corruption

Memory leak in hw/9pfs/9p-proxy.c in QEMU (aka Quick Emulator) allows local privileged guest OS users to cause a denial of service (host memory consumption and possibly QEMU process crash) by leveraging a missing cleanup operation in the proxy backend...

CVSS 4.9 · AI score 6.5 · EPSS 0.00071
Exploits 0 · References 7 · Affected Software 2

CVE
added 2016/12/29 10:0 p.m. · 90 views

CVE-2016-9916

QEMU 9pfs vulnerability CVE-2016-9916: memory leak in hw/9pfs/9p-proxy.c due to missing cleanup in the proxy backend, allowing a local privileged guest to exhaust host memory and potentially crash the QEMU process. Affected: QEMU with 9p filesystem (proxy backend). Root cause: missing cleanup ope...

CVSS 6.5 · AI score 5.9 · EPSS 0.00071
Exploits 0 · References 7 · Affected Software 1

Positive Technologies
added 2016/12/29 12:0 a.m. · 3 views

PT-2016-2999 · Qemu +2

Name of the Vulnerable Software and Affected Versions: QEMU (affected versions not specified). Description: The issue is related to a memory leak in the hw/9pfs/9p-proxy.c function of the QEMU hardware emulator's proxy backend service. This leak can be exploited by a local user of the guest operatin...

CVSS 10 · AI score 7.3 · EPSS 0.88597
Exploits 11 · References 209