Vulnerability in rivet project

while working in rivet project, I found a vulnerability in the **h3** package caused by a case-sensitive check for the `Transfer-Encoding: chunked` header. By sending a mixed-case header (e.g., `ChunKed`), an attacker can desynchronize requests behind TCP/load balancers, potentially leading to request smuggling and unauthorized request handling.

[CVE Report](https://vulert.com/vuln-scan/list/33ae678b-1062-417c-8273-5b6dd36b33ab?sort_order=desc&sort_by=created_at)
[CVE Link](https://vulert.com/vuln-db/CVE-2026-23527)





Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability in rivet project #3935

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerability in rivet project #3935

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions