An issue was discovered in zeek version 4.1.0. There is a HTTP request splitting vulnerability that will invalidate any ZEEK HTTP based security analysis. NOTE: the vendor's position is that the observed behavior is intended

Project Subscriptions

Vendors Products
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
History

Tue, 24 Feb 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T03:15:29.323Z

Reserved: 2021-09-27T00:00:00.000Z

Link: CVE-2021-41732

cve-icon Vulnrichment

Updated: 2024-08-04T03:15:29.323Z

cve-icon NVD

Status : Modified

Published: 2021-09-29T19:15:07.917

Modified: 2024-11-21T06:26:40.187

Link: CVE-2021-41732

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses