216.73.217.139

CVE-2025-22871

· Published 08/04/2025 20:15 · Modified 09/04/2025 20:02

Labels: CVE-2025-22871 2025-04-08CVE-2025-22871[email protected]

Essential information

Published
08/04/2025 20:15
Modified
09/04/2025 20:02
Author
Creator
CISA KEV
No
CWE

Description

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References