4 matches found
CVE-2026-41417
Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is later changed via setUri. The constructors reject CRLF and whitespace characters that would break the start-line, but setUri does not apply the same validation...
K63312282: BIG-IP LTM HTTP/2 desync attacks: request line injection
Security Advisory Description: Multiple desync attacks have been discovered. For more information, refer to the following related articles: K27144609: Overview of HTTP/2 desync attacks; K30341203: BIG-IP LTM and NGINX are not exposed to certain desync attacks; K97045220: BIG-IP LTM HTTP/2 desync...
Internet Bug Bounty: Request line injection via HTTP/2 in Apache mod_proxy
I've written this issue up fully here: https://portswigger.net/research/http2request In case it's useful, here's the original report as sent to Apache: I'd like to report a vulnerability in Apache mod_proxy when used with HTTP/2 enabled. It fails to reject HTTP requests that contain spaces in the...
Apache Tomcat 8.5.0 < 8.5.8 multiple vulnerabilities
The version of Tomcat installed on the remote host is prior to 8.5.8. It is, therefore, affected by multiple vulnerabilities as referenced in the fixed_in_apache_tomcat_8.5.8_security-8 advisory. - Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39...