Lucene search
K

26 matches found

Github Security Blog
Github Security Blog
added 2026/06/16 2:32 p.m.29 views

hono: Lambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest

Summary On AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several separate entries. The adapter writes each value with Headers.set instead of Headers.append, so every value overwrites the previous one and only the last reaches the application. Repeated reques...

4.8CVSS5.4AI score0.00114EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/16 2:32 p.m.4 views

GHSA-WGPF-JWQJ-8H8P hono: Lambda@Edge adapter keeps only the last value of a repeated request header, dropping the rest

Summary On AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several separate entries. The adapter writes each value with Headers.set instead of Headers.append, so every value overwrites the previous one and only the last reaches the application. Repeated reques...

4.8CVSS5.4AI score0.00114EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49736

Summary On AWS Lambda@Edge, CloudFront delivers a request header that appears more than once as several separate entries. The adapter writes each value with Headers.set instead of Headers.append, so every value overwrites the previous one and only the last reaches the application. Repeated reques...

4.8CVSS5.4AI score0.00114EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/03/12 8:52 a.m.4 views

SUSE CVE-2026-31838

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...

6.9CVSS5.8AI score0.00214EPSS
Exploits0References3
OSV
OSV
added 2026/03/12 8:39 a.m.3 views

BIT-ENVOY-2026-26308 Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating eac...

8.2CVSS5.8AI score0.00293EPSS
Exploits1References3
Hacker One
Hacker One
added 2026/03/11 4:6 p.m.13 views

curl: Curl_compareheader() fails to match multi-value HTTP headers

Summary Curlcompareheader in lib/http.c fails to scan the full value of HTTP headers for substring matches. Due to an incorrect loop condition, only the first byte position of the header value is checked. This causes curl to miss connection options like close when they appear as non-first tokens ...

5.8AI score
Exploits0
NVD
NVD
added 2026/03/10 10:16 p.m.7 views

CVE-2026-31838

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...

6.9CVSS0.00214EPSS
Exploits0References2
OSV
OSV
added 2026/03/10 9:58 p.m.4 views

CVE-2026-31838 Istio HTTP debug endpoints on port 15014 to enforce namespace-based authorization, preventing cross-namespace proxy data access.

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...

6.9CVSS5.8AI score0.00214EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/10 7:1 p.m.26 views

CVE-2026-26308 Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating eac...

7.5CVSS0.00293EPSS
Exploits1References2
OSV
OSV
added 2026/03/10 7:1 p.m.5 views

CVE-2026-26308 Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating eac...

7.5CVSS5.8AI score0.00293EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/10 7:1 p.m.5 views

EUVD-2026-10799

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating eac...

7.5CVSS5.8AI score0.00293EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/10 7:1 p.m.10 views

CVE-2026-26308 Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating eac...

7.5CVSS5.8AI score0.00293EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/10 6:30 p.m.8 views

Envoy has RBAC Header Validation Bypass via Multi-Value Header Concatenation

Summary The Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it validates HTTP headers when multiple values are present for the same header name. Instead of validating each header value individually, Envoy concatenates all values into a single comma-separated...

8.2CVSS5.8AI score0.00293EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.5 views

Envoy 安全漏洞

Envoy is an open-source gateway program developed by Enphase for connecting smart home devices. There are security vulnerabilities in versions of Envoy prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13. These vulnerabilities stem from logical flaws in the role-based access control filter, which may...

8.2CVSS5.8AI score0.00293EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.10 views

PT-2026-24489

Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability in Envoy RBAC header matching could allow authorization policy bypass when policies rely on HTTP headers that may contain multiple values. An attacker could craft requests...

6.9CVSS5.8AI score0.00214EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:58 a.m.21 views

BIT-ENVOY-2021-32777 Incorrect concatenation of multiple value request headers in ext-authz extension

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge multiple value headers according to the HTTP spec. However,...

8.6CVSS8.4AI score0.03325EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/02/01 8:53 p.m.38 views

Bref Doesn't Support Multiple Value Headers in ApiGatewayFormatV2

Impacted Resources bref/src/Event/Http/HttpResponse.php:61-90 Description When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. Precisely, if PHP generates a response with two headers having the same key but different values only the...

6.5CVSS7.4AI score0.00426EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/01 4:9 p.m.4 views

CVE-2024-24753 Bref Multiple Value Headers Not Supported in ApiGatewayFormatV2

Bref enable serverless PHP on AWS Lambda. When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. If PHP generates a response with two headers having the same key but different values only the latest one is kept. If an application relie...

4.8CVSS5.7AI score0.00426EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/02/01 4:9 p.m.36 views

CVE-2024-24753 Bref Multiple Value Headers Not Supported in ApiGatewayFormatV2

Bref enable serverless PHP on AWS Lambda. When Bref is used in combination with an API Gateway with the v2 format, it does not handle multiple values headers. If PHP generates a response with two headers having the same key but different values only the latest one is kept. If an application relie...

4.8CVSS6.7AI score0.00426EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/02/01 12:0 a.m.6 views

Bref Security Breach

Bref is an open source project by Matthieu Napoli Individual Developer that helps you go serverless on AWS using PHP. A security vulnerability exists in versions prior to Bref 2.1.13 that stems from not handling multiple value headers when Bref is used in conjunction with a v2-formatted API gatew...

6.5CVSS6.7AI score0.00426EPSS
Exploits1References3
Rows per page
Query Builder