CVE-2025-59822

Published: Sep 23, 2025Modified: Oct 8, 2025

6.3

Vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: security-advisories@github.com (Secondary)

Description

Http4s is a Scala interface for HTTP services. In versions from 1.0.0-M1 to before 1.0.0-M45 and before 0.23.31, http4s is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section. This vulnerability could enable attackers to bypass front-end servers security controls, launch targeted attacks against active users, and poison web caches. A pre-requisite for exploitation involves the web application being deployed behind a reverse-proxy that forwards trailer headers. This issue has been patched in versions 1.0.0-M45 and 0.23.31.

Affected (45)

Products: Typelevel: Http4s

Typelevel

1 product

Http4s

Configuration A

45 vulnerable

Vulnerable Software	Affected Versions
Typelevel Http4s	Before 0.23.31
Typelevel Http4s	Version 1.0.0 milestone10
Typelevel Http4s	Version 1.0.0 milestone11
Typelevel Http4s	Version 1.0.0 milestone12
Typelevel Http4s	Version 1.0.0 milestone13
Typelevel Http4s	Version 1.0.0 milestone14
Typelevel Http4s	Version 1.0.0 milestone15
Typelevel Http4s	Version 1.0.0 milestone16
Typelevel Http4s	Version 1.0.0 milestone17
Typelevel Http4s	Version 1.0.0 milestone18
Typelevel Http4s	Version 1.0.0 milestone19
Typelevel Http4s	Version 1.0.0 milestone1
Typelevel Http4s	Version 1.0.0 milestone20
Typelevel Http4s	Version 1.0.0 milestone21
Typelevel Http4s	Version 1.0.0 milestone22
Typelevel Http4s	Version 1.0.0 milestone23
Typelevel Http4s	Version 1.0.0 milestone24
Typelevel Http4s	Version 1.0.0 milestone25
Typelevel Http4s	Version 1.0.0 milestone26
Typelevel Http4s	Version 1.0.0 milestone27
Typelevel Http4s	Version 1.0.0 milestone28
Typelevel Http4s	Version 1.0.0 milestone29
Typelevel Http4s	Version 1.0.0 milestone2
Typelevel Http4s	Version 1.0.0 milestone30
Typelevel Http4s	Version 1.0.0 milestone31
Typelevel Http4s	Version 1.0.0 milestone32
Typelevel Http4s	Version 1.0.0 milestone33
Typelevel Http4s	Version 1.0.0 milestone34
Typelevel Http4s	Version 1.0.0 milestone35
Typelevel Http4s	Version 1.0.0 milestone36
Typelevel Http4s	Version 1.0.0 milestone37
Typelevel Http4s	Version 1.0.0 milestone38
Typelevel Http4s	Version 1.0.0 milestone39
Typelevel Http4s	Version 1.0.0 milestone3
Typelevel Http4s	Version 1.0.0 milestone40
Typelevel Http4s	Version 1.0.0 milestone41
Typelevel Http4s	Version 1.0.0 milestone42
Typelevel Http4s	Version 1.0.0 milestone43
Typelevel Http4s	Version 1.0.0 milestone44
Typelevel Http4s	Version 1.0.0 milestone4
Typelevel Http4s	Version 1.0.0 milestone5
Typelevel Http4s	Version 1.0.0 milestone6
Typelevel Http4s	Version 1.0.0 milestone7
Typelevel Http4s	Version 1.0.0 milestone8
Typelevel Http4s	Version 1.0.0 milestone9

Related CWEs

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

References (3)

https://github.com/http4s/http4s/commit/dd518f7c967e5165813b8d4a48a82b8fab852d41

Source: security-advisories@github.com

Patch

https://github.com/http4s/http4s/security/advisories/GHSA-wcwh-7gfw-5wrr

Source: security-advisories@github.com

ExploitVendor Advisory

https://github.com/http4s/http4s/security/advisories/GHSA-wcwh-7gfw-5wrr

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

ExploitVendor Advisory

Timeline

No history available yet.