You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
http chunked transfer
About this tag
The http chunked transfer tag on WindowsForum.com covers discussions about the HTTP chunked transfer encoding mechanism, particularly in the context of security vulnerabilities and mitigation strategies. Recent content highlights CVE-2026-7790, a denial-of-service flaw in the cowlib Erlang library that exploits oversized HTTP chunk-size fields. While this vulnerability appears in Microsoft's Security Update Guide, it is not a traditional Windows bug but rather affects Erlang-based services. The tag emphasizes the operational challenges of dependency management and software inventory to address such issues, underscoring that modern infrastructure can be disrupted by flaws in small libraries. Topics include HTTP chunked transfer parsing limits, CPU and memory exhaustion risks, and the importance of updating affected components.
CVE-2026-6324 is a newly cataloged libsoup HTTP request-smuggling flaw, published by NVD on May 29, 2026 and last modified June 17, affecting scenarios where libsoup sits behind a non-libsoup proxy or in front of a non-libsoup backend. Its CVSS 3.1 score is only 4.8, but the number undersells...
CVE-2026-7790 is a high-severity denial-of-service flaw published in May 2026 in ninenines cowlib, affecting versions from 0.6.0 before 2.16.1, where oversized HTTP chunk-size fields can force excessive CPU and memory use in exposed Erlang-based services. The bug is not a Windows vulnerability...