Tag

Http

2 briefs RSS

HTTP/2 Implementations Vulnerability Enables Denial of Service

A remote, anonymous attacker can exploit a vulnerability in various HTTP/2 implementations to perform a denial-of-service attack.

http/2 denial-of-service webserver

2r 1t Apr 1, 2026

high advisory

Netty HTTP Request Smuggling via Chunked Extension Quoted-String Parsing

2 rules 1 TTP 2 IOCs

Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks by terminating chunk header parsing at \r\n inside quoted strings instead of rejecting the malformed request.

netty request-smuggling http

2r 1t 2i Mar 26, 2026