125 matches found
Astra Linux – Vulnerability in Tomcat9
There is an input validation vulnerability in Apache Tomcat. Versions of Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81, and from 8.5.0 through 8.5.93 did not properly parse HTTP trailer headers. A specially crafted, invalid trailer header...
curl: Integer Overflow/Signedness Mismatch in Printf Precision for HTTP/2 Trailer Headers
BUG IN https://raw.githubusercontent.com/curl/curl/07a9b89fedaec60bdbc254f23f66149b31d2f8da/lib/http2.c c ifstream-bodystarted / This is a trailer / H2BUGFinfofdatas, "h2 trailer: %.s: %.s", namelen, name, valuelen, value; result = Curldynaddf&stream-trailerrecvbuf, "%.s: %.s\r\n", namelen, name,...
Memory Exhaustion
aiohttp is vulnerable to Memory Exhaustion. The vulnerability is due to insufficient restrictions in header/trailer handling, where unlimited trailer headers are accepted and an attacker can send a request or response with many trailers to cause uncapped memory usage...
CVE-2026-22815
CVE-2026-22815 affects aiohttp (Python asyncio HTTP framework). Prior to version 3.13.4, insufficient restrictions in header/trailer handling could lead to unbounded memory growth; this was patched in 3.13.4. A Nessus/NVD-style CVE entry confirms the issue and the fix. Remediation: upgrade to aio...
CVE-2026-22815 AIOHTTP: Uncapped memory usage possible through aiohttp allowing unlimited trailer headers
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...
EUVD-2026-18029
aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage...
GHSA-W2FM-2CPV-W7V5 aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage
Summary Insufficient restrictions in header/trailer handling could cause uncapped memory usage. Impact An application could cause memory exhaustion when receiving an attacker controlled request or response. A vulnerable web application could mitigate these risks with a typical reverse proxy...
aiohttp allows unlimited trailer headers, leading to possible uncapped memory usage
Summary Insufficient restrictions in header/trailer handling could cause uncapped memory usage. Impact An application could cause memory exhaustion when receiving an attacker controlled request or response. A vulnerable web application could mitigate these risks with a typical reverse proxy...
CVE-2026-32881
ewe is a Gleam web server. ewe is a Gleam web server. Versions 0.6.0 through 3.0.4 are vulnerable to authentication bypass or spoofed proxy-trust headers. Chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9...
CVE-2026-32873
ewe is a Gleam web server. Versions 0.8.0 through 3.0.4 contain a bug in the handletrailers function where rejected trailer headers forbidden or undeclared cause an infinite loop. When handletrailers encounters such a trailer, three code paths lines 520, 523, 526 recurse with the original buffer...
CVE-2026-32881
ewe is a Gleam web server. ewe is a Gleam web server. Versions 0.6.0 through 3.0.4 are vulnerable to authentication bypass or spoofed proxy-trust headers. Chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9...
CVE-2026-32881 ewe has an Overly Permissive List of Allowed Inputs
ewe is a Gleam web server. ewe is a Gleam web server. Versions 0.6.0 through 3.0.4 are vulnerable to authentication bypass or spoofed proxy-trust headers. Chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9...
CVE-2026-32881 ewe has an Overly Permissive List of Allowed Inputs
ewe is a Gleam web server. ewe is a Gleam web server. Versions 0.6.0 through 3.0.4 are vulnerable to authentication bypass or spoofed proxy-trust headers. Chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9...
CVE-2026-32873
CVE-2026-32873 affects the Gleam-based web server ewe (versions 0.8.0–3.0.4). The bug in handle_trailers causes an infinite loop when encountering rejected trailers by recursively re-parsing the same header (using rest) instead of advancing past it (Buffer(header_rest, 0)). This leads to a perman...
CVE-2026-32873 ewe: Loop with Unreachable Exit Condition ('Infinite Loop')
ewe is a Gleam web server. Versions 0.8.0 through 3.0.4 contain a bug in the handletrailers function where rejected trailer headers forbidden or undeclared cause an infinite loop. When handletrailers encounters such a trailer, three code paths lines 520, 523, 526 recurse with the original buffer...
Permissive List of Allowed Inputs in ewe
Summary ewe's chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9 header names. Security-sensitive headers like authorization, cookie, and x-forwarded-for can be injected or overwritten by a malicious client...
GHSA-9W88-79F8-M3VP Permissive List of Allowed Inputs in ewe
Summary ewe's chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9 header names. Security-sensitive headers like authorization, cookie, and x-forwarded-for can be injected or overwritten by a malicious client...
PT-2026-26175
Summary ewe's chunked transfer encoding trailer handling merges declared trailer fields into req.headers after body parsing, but the denylist only blocks 9 header names. Security-sensitive headers like authorization, cookie, and x-forwarded-for can be injected or overwritten by a malicious client...
EUVD-2023-2799
Malicious code in bioql PyPI...
CVE-2025-59822 Http4s vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section
Http4s is a Scala interface for HTTP services. In versions from 1.0.0-M1 to before 1.0.0-M45 and before 0.23.31, http4s is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section. This vulnerability could enable attackers to bypass front-end servers security controls...