CVE-2025-57783

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-57783
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57783.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-57783
Published
2026-01-26T18:16:27.350Z
Modified
2026-03-13T03:39:05.766234Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

Improper header parsing may lead to request smuggling has been identified in Hiawatha webserver version 11.7 which allows an unauthenticated attacker to access restricted resources managed by Hiawatha webserver.

References

Affected packages

Git / gitlab.com/hsleisink/hiawatha

Affected ranges

Type
GIT
Repo
https://gitlab.com/hsleisink/hiawatha
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1f0f79b6cb108a593123a74ad7c9fd1ad36a9253
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "11.7"
        }
    ]
}

Affected versions

9.*
9.3.1
v10.*
v10.0
v10.1
v10.10
v10.11
v10.12
v10.2
v10.3
v10.4
v10.5
v10.6
v10.7
v10.8
v10.8.1
v10.8.2
v10.8.3
v10.9
v11.*
v11.0
v11.1
v11.2
v11.3
v11.4
v11.5
v11.6
v11.7
v8.*
v8.5
v8.6
v8.7
v8.8
v9.*
v9.0
v9.1
v9.10
v9.11
v9.12
v9.13
v9.14
v9.15
v9.2
v9.3.1
v9.4
v9.5
v9.6
v9.7
v9.8
v9.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57783.json"