2390942 – (CVE-2025-57804) CVE-2025-57804 h2: h2 allows HTTP Request Smuggling due to illegal characters in headers

Bug 2390942 (CVE-2025-57804) - CVE-2025-57804 h2: h2 allows HTTP Request Smuggling due to illegal characters in headers

Summary: CVE-2025-57804 h2: h2 allows HTTP Request Smuggling due to illegal characters...

Keywords:
Status:	NEW
Alias:	CVE-2025-57804
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-08-25 22:01 UTC by OSIDB Bzimport
Modified:	2025-08-26 14:24 UTC (History)
CC List:	44 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-08-25 22:01:35 UTC

h2 is a pure-Python implementation of a HTTP/2 protocol stack. Prior to version 4.3.0, an HTTP/2 request splitting vulnerability allows attackers to perform request smuggling attacks by injecting CRLF characters into headers. This occurs when servers downgrade HTTP/2 requests to HTTP/1.1 without properly validating header names/values, enabling attackers to manipulate request boundaries and bypass security controls. This issue has been patched in version 4.3.0.

Note You need to log in before you can comment on or make changes to this bug.

adudiak
bkabrda
dbosanac
dhanak
drosa
dsimansk
gotiwari
haoli
hkataria
jajackso
jcammara
jcantril
jmitchel
jneedle
jreimann
jwendell
kegrant
kingland
koliveir
kshier
kverlaen
lball
mabashia
matzew
mdessi
mnovotny
mrizzi
mvyas
ngough
pbraun
pcattana
rcernich
rojacob
sausingh
sdawley
shvarugh
simaishi
smcdonal
stcannon
teagle
tfister
thavo
veshanka
yguenane