Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
aiohttp allows request smuggling due to incorrect parsing of chunk extensions Low
CVE-2024-52304 was published for aiohttp (pip) Nov 18, 2024
JeppW
Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling Low
CVE-2021-41136 was published for puma (RubyGems) Oct 12, 2021
asta12 mattiasgrenfeldt
Lenient Parsing of Content-Length Header When Prefixed with Plus Sign Low
CVE-2021-32715 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
tdunlap607
Ability to switch channels via GET parameter enabled in production environments Low
CVE-2020-5218 was published for sylius/sylius (Composer) Jan 31, 2020
Request smuggling is possible when both chunked TE and content length specified Low
CVE-2020-5207 was published for io.ktor:ktor-client-cio (Maven) Jan 27, 2020
ProTip! Advisories are also available from the GraphQL API