- EPSS 0.04%
- Veröffentlicht 23.02.2026 00:00:00
- Zuletzt bearbeitet 23.02.2026 18:13:53
Akamai Ghost on Akamai CDN edge servers before 2026-02-06 mishandles processing of custom hop-by-hop HTTP headers, where an incoming request containing the header "Connection: Transfer-Encoding" could result in a forward request with invalid message ...
CVE-2025-66373
- EPSS 0.05%
- Veröffentlicht 04.12.2025 00:00:00
- Zuletzt bearbeitet 16.12.2025 20:58:58
Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked body that includes a chunk size different from the actual s...
- EPSS 0.03%
- Veröffentlicht 29.08.2025 00:00:00
- Zuletzt bearbeitet 29.08.2025 16:24:29
Akamai Ghost before 2025-07-21 allows HTTP Request Smuggling via an OPTIONS request that has an entity body, because there can be a subsequent request within the persistent connection between an Akamai proxy server and an origin server, if the origin...
- EPSS 0.04%
- Veröffentlicht 07.08.2025 00:00:00
- Zuletzt bearbeitet 07.08.2025 21:26:37
An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead ...