Security Advisory

CVE-2024-52530

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-11 00:00:00
Last updated 2025-11-03 22:28:35
Assigner mitre
State PUBLISHED

Description

GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because 0 characters at the end of header names are ignored, i.e., a "Transfer-Encoding0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header.