{ "threat_severity" : "Important", "public_date" : "2025-04-24T18:15:53Z", "bugzilla" : { "description" : "h11: h11 accepts some malformed Chunked-Encoding bodies", "id" : "2362162", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2362162" }, "cvss3" : { "cvss3_base_score" : "7.4", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "status" : "verified" }, "cwe" : "CWE-444", "details" : [ "h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue.", "A flaw was found in the h11. This vulnerability allows request smuggling via improper parsing of chunked-coding message bodies, where h11 fails to validate the required \\r\\n terminators." ], "affected_release" : [ { "product_name" : "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "release_date" : "2025-06-05T00:00:00Z", "advisory" : "RHSA-2025:8615", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "package" : "ansible-automation-platform-24/lightspeed-rhel8:2.4.250225-12" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date" : "2025-05-27T00:00:00Z", "advisory" : "RHSA-2025:8221", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "ansible-automation-platform-25/ee-supported-rhel8:1.0.0-1016" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date" : "2025-05-27T00:00:00Z", "advisory" : "RHSA-2025:8221", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "ansible-automation-platform-25/lightspeed-chatbot-rhel8:2.5.250528-1" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "release_date" : "2025-05-27T00:00:00Z", "advisory" : "RHSA-2025:8221", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "package" : "ansible-automation-platform-25/lightspeed-rhel8:2.5.250528-1" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "release_date" : "2025-05-27T00:00:00Z", "advisory" : "RHSA-2025:8221", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "package" : "ansible-automation-platform-25/ee-cloud-services-rhel9:1.0.0-309" }, { "product_name" : "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "release_date" : "2025-05-27T00:00:00Z", "advisory" : "RHSA-2025:8221", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "package" : "ansible-automation-platform-25/ee-supported-rhel9:1.0.0-1015" }, { "product_name" : "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date" : "2025-05-14T00:00:00Z", "advisory" : "RHSA-2025:7536", "cpe" : "cpe:/a:redhat:openstack:17.1::el9", "package" : "python-h11-0:0.12.0-2.1.el9ost" }, { "product_name" : "Red Hat OpenStack Services on OpenShift 18.0", "release_date" : "2025-05-14T00:00:00Z", "advisory" : "RHSA-2025:7535", "cpe" : "cpe:/a:redhat:openstack:18.0::el9", "package" : "python-h11-0:0.12.0-4.el9ost" } ], "package_state" : [ { "product_name" : "OpenShift Lightspeed", "fix_state" : "Affected", "package_name" : "openshift-lightspeed-tech-preview/lightspeed-service-api-rhel9", "cpe" : "cpe:/a:redhat:openshift_lightspeed" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-24/lightspeed-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-24/platform-resource-runner-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-25/ee-cloud-services-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-25/ee-supported-rhel8", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-25/ee-supported-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Affected", "package_name" : "ansible-automation-platform-25/platform-resource-runner-rhel9", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-amd-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-aws-nvidia-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-azure-amd-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-azure-nvidia-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-gcp-nvidia-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-ibm-nvidia-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-intel-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/bootc-nvidia-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Not affected", "package_name" : "rhelai1/docling-serve-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/instructlab-amd-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/instructlab-intel-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Affected", "package_name" : "rhelai1/instructlab-nvidia-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat Enterprise Linux AI (RHEL AI)", "fix_state" : "Not affected", "package_name" : "rhelai1/ui-rhel9", "cpe" : "cpe:/a:redhat:enterprise_linux_ai:1" }, { "product_name" : "Red Hat OpenShift AI (RHOAI)", "fix_state" : "Not affected", "package_name" : "rhoai/odh-model-registry-rhel8", "cpe" : "cpe:/a:redhat:openshift_ai" }, { "product_name" : "Red Hat Satellite 6", "fix_state" : "Not affected", "package_name" : "python-h11", "cpe" : "cpe:/a:redhat:satellite:6" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-43859\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-43859\nhttps://github.com/python-hyper/h11/commit/114803a29ce50116dc47951c690ad4892b1a36ed\nhttps://github.com/python-hyper/h11/security/advisories/GHSA-vqfr-h8mv-ghfj" ], "name" : "CVE-2025-43859", "mitigation" : { "value" : "Ensure any applications using h11 are behind a correctly configured reverse proxy will prevent exploitation of this flaw.", "lang" : "en:us" }, "csaw" : false }