Количество 7
Количество 7
GHSA-vqfr-h8mv-ghfj
h11 accepts some malformed Chunked-Encoding bodies
CVE-2025-43859
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.
CVE-2025-43859
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.
CVE-2025-43859
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.
CVE-2025-43859
h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a ...
SUSE-SU-2025:1430-1
Security update for python-h11
BDU:2025-06251
Уязвимость библиотеки h11, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю оказать влияние на конфиденциальность и целостность защищаемой информации
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-vqfr-h8mv-ghfj h11 accepts some malformed Chunked-Encoding bodies | CVSS3: 9.1 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-43859 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue. | CVSS3: 9.1 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-43859 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue. | CVSS3: 7.4 | 0% Низкий | около 2 месяцев назад |
 | CVE-2025-43859 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue. | CVSS3: 9.1 | 0% Низкий | около 2 месяцев назад |
| CVE-2025-43859 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a ... | CVSS3: 9.1 | 0% Низкий | около 2 месяцев назад |
 | SUSE-SU-2025:1430-1 Security update for python-h11 | 0% Низкий | около 2 месяцев назад | |
 | BDU:2025-06251 Уязвимость библиотеки h11, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю оказать влияние на конфиденциальность и целостность защищаемой информации | CVSS3: 9.1 | 0% Низкий | около 2 месяцев назад |
Уязвимостей на страницу