CVE-2026-29057

A request smuggling flaw has been discovered in Next.js. when Next.js rewrites proxy traffic to an external backend, a crafted DELETE/OPTIONS request using Transfer-Encoding: chunked could trigger request boundary disagreement between the proxy and backend. This could allow request smuggling...

Next.js 环境问题漏洞

Next.js is a React framework open source by Vercel. Versions of Next.js from 9.5.0 to 15.5.13, as well as versions before 16.1.7, have an environmental issue vulnerability. This vulnerability arises when the proxy rewrites traffic, and specially crafted DELETE/OPTIONS requests may trigger...

MiracleLinux 7 : httpd-2.4.6-97.2.0.1.el7.AXS7 (AXSA:2021-2543:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2543:02 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Bug Fixes: proxy rewrite to unix socket fails with...

httpd:2.4 bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Bug Fixes: proxy rewrite to unix socket fails with CVE-2021-40438 fix BZ2017854, BZ2017855, BZ2017856...

2.4 bug fix update

An update is available for httpd, modhttp2, modmd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The httpd packages provide the Apache HTTP Server, a powerful,...

ALBA-2021:4604 httpd:2.4 bug fix update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Bug Fixes: proxy rewrite to unix socket fails with CVE-2021-40438 fix BZ2017854, BZ2017855, BZ2017856...