216.73.217.172

CVE-2024-52530

· Published 11/11/2024 20:15 · Modified 12/11/2024 19:35

Labels: CVE-2024-52530 2024-11-11CVE-2024-52530CWE-444[email protected]

Essential information

Published
11/11/2024 20:15
Modified
12/11/2024 19:35
Author
Creator
CVSS
7.5 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS metrics

Description

GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References