2 matches found
CVE-2025-57804
CVE-2025-57804 affects the Python package h2 (HTTP/2 protocol stack). Prior to version 4.3.0, it allows HTTP/2 request splitting via CRLF injection in headers when servers downgrade HTTP/2 requests to HTTP/1.1 without validating header names/values. This can enable attackers to manipulate request...
TencentOS Server 4: nodejs (TSSA-2024:0613)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0613 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...