Lucene search
K

33 matches found

Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-38969

ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling...

0.00289EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

OpenTelemetry .NET 安全漏洞

OpenTelemetry .NET is the .NET client of OpenTelemetry by OpenTelemetry Inc. There were security vulnerabilities in the version of OpenTelemetry .NET from 1.13.1 to 1.15.2. These vulnerabilities stemmed from the gRPC exporter’s ability to parse the grpc-status-details-bin trailer provided by the...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References1
OSV
OSV
added 2026/02/12 2:1 p.m.2 views

OPENSUSE-SU-2026:20204-1 Security update for python-aiohttp, python-Brotli

This update for python-aiohttp, python-Brotli fixes the following issues: Changes in python-aiohttp: - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226: Fixed brute-force leak of internal static file path components bsc1256020. - CVE-2025-69224: Fixed...

8.7CVSS7.1AI score0.00487EPSS
Exploits0References17
OSV
OSV
added 2026/02/12 1:59 p.m.13 views

SUSE-SU-2026:20425-1 Security update for python-aiohttp, python-Brotli

This update for python-aiohttp, python-Brotli fixes the following issues: Changes in python-aiohttp: - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226: Fixed brute-force leak of internal static file path components bsc1256020. - CVE-2025-69224: Fixed...

8.7CVSS6.8AI score0.00487EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2025/12/15 12:0 a.m.4 views

SUSE SLES15 Security Update : python-eventlet (SUSE-SU-2025:03051-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:03051-1 advisory. - CVE-2025-58068: improper handling of HTTP trailer sections in WSGI parser leads to HTTP request smuggling bsc1248994. Tenable has extracted the...

9.1CVSS5.7AI score0.00363EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/19 1:56 p.m.10 views

Security Bulletin: Eventlet Pre-0.40.3 HTTP Trailer Parsing Flaw Enables HTTP Request Smuggling

Summary Eventlet is a concurrent networking library for Python. Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer sections. This vulnerability could enable attackers to, bypass front-end security controls, launch...

9.1CVSS6.7AI score0.00363EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2025/09/23 5:37 p.m.4 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.4 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.4 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.3 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.2 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.1 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.3 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.3 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.5 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.4 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.3 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
Snyk
Snyk
added 2025/09/23 5:37 p.m.5 views

HTTP Request Smuggling

Overview Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper parsing of the HTTP trailer section in the parse function. An attacker can bypass security controls, launch targeted attacks against users, or poison web caches by crafting specially formed HTTP...

7.5CVSS6.6AI score0.00349EPSS
Exploits1References2
OSV
OSV
added 2025/09/23 5:37 p.m.6 views

GHSA-WCWH-7GFW-5WRR Http4s vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section

Summary http4s is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section. This vulnerability could enable attackers to: - Bypass front-end servers security controls - Launch targeted attacks against active users - Poison web caches Pre-requisites for the exploitatio...

6.3CVSS6.1AI score0.00349EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2025/09/23 5:37 p.m.9 views

Http4s vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section

Summary http4s is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section. This vulnerability could enable attackers to: - Bypass front-end servers security controls - Launch targeted attacks against active users - Poison web caches Pre-requisites for the exploitatio...

7.5CVSS7.2AI score0.00349EPSS
Exploits1References4Affected Software3
Rows per page
Query Builder