EUVD-2025-21055
Malicious code in bioql PyPI...
EUVD-2022-24990
Malicious code in bioql PyPI...
EUVD-2018-8862
Malicious code in bioql PyPI...
EUVD-2024-1316
Malicious code in bioql PyPI...
EUVD-2024-0323
Malicious code in bioql PyPI...
EUVD-2025-29042
Malicious code in bioql PyPI...
EUVD-2025-6969
Malicious code in bioql PyPI...
EUVD-2023-2224
Malicious code in bioql PyPI...
CVE-2025-59139
Hono is a Web application framework that provides support for any JavaScript runtime. In versions prior to 4.9.7, a flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. The middleware previously prioritized the...
GHSA-92VJ-G62V-JQHH Hono has Body Limit Middleware Bypass
Summary: A flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. Details: The middleware previously prioritized the Content-Length header even when a Transfer-Encoding: chunked header was also included. According to...
Hono has Body Limit Middleware Bypass
Summary: A flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. Details: The middleware previously prioritized the Content-Length header even when a Transfer-Encoding: chunked header was also included. According to...
HTTP Request Smuggling
Overview: hono is an Ultrafast web framework for the Edges. Affected versions of this package are vulnerable to HTTP Request Smuggling via the bodyLimit middleware when conflicting HTTP headers are present. An attacker can cause excessive memory or CPU consumption by sending oversized request bodie...
CVE-2025-59139 Hono has Body Limit Middleware Bypass
Hono is a Web application framework that provides support for any JavaScript runtime. In versions prior to 4.9.7, a flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting HTTP headers were present. The middleware previously prioritized the...
CVE-2025-59139
CVE-2025-59139 affects the Hono web framework (pre-4.9.7). A flaw in the bodyLimit middleware allowed bypassing the configured request body size limit when conflicting headers were present, because Content-Length could be prioritized over Transfer-Encoding: chunked. The HTTP spec requires Transfe...
PT-2025-37316
Name of the Vulnerable Software and Affected Versions: Hono versions prior to 4.9.7. Description: Hono is a Web application framework that provides support for any JavaScript runtime. A flaw in the bodyLimit middleware could allow bypassing the configured request body size limit when conflicting...
Linux Distros Unpatched Vulnerability : CVE-2020-7659
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request...
Linux Distros Unpatched Vulnerability : CVE-2021-33037
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstance...