CVE-2025-43859 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead t…
Critical CVSS: 9.1

CVE-2025-43859

h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.
Vendor
-
Product
-
CWE
CWE-444
Yayın Tarihi
2025-04-24 19:15:47
Güncelleme
2025-04-29 13:52:28
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-444 CRITICAL 2025

Referanslar

https://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed https://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfj