CVE-2025-66373
- EPSS 0.03%
- Veröffentlicht 04.12.2025 00:00:00
- Zuletzt bearbeitet 08.12.2025 18:27:15
Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked body that includes a chunk size different from the actual s...
- EPSS 0.04%
- Veröffentlicht 29.08.2025 00:00:00
- Zuletzt bearbeitet 29.08.2025 16:24:29
Akamai Ghost before 2025-07-21 allows HTTP Request Smuggling via an OPTIONS request that has an entity body, because there can be a subsequent request within the persistent connection between an Akamai proxy server and an origin server, if the origin...
- EPSS 0.06%
- Veröffentlicht 07.08.2025 00:00:00
- Zuletzt bearbeitet 07.08.2025 21:26:37
An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead ...