5.3

CVE-2026-48135

HTTP service can incorrectly process malformed HTTP requests

A Check Point HTTP-based service can incorrectly handle malformed HTTP requests.
The issue is related to HTTP request parsing and validation.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Herstellercheckpoint
Produkt Quantum Security Gateway
Version R82.10 with Jumbo Hotfix Take 6 or below
Status affected
Version R82 with Jumbo Hotfix Take 91 or below
Status affected
Version R81.20 with Jumbo Hotfix Take 127 or below
Status affected
Version All releases from R81.10 and below
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.61% 0.834
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
cve@checkpoint.com 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CWE-122 Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().