{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T19:36:32.810","vulnerabilities":[{"cve":{"id":"CVE-2025-32094","sourceIdentifier":"cve@mitre.org","published":"2025-08-07T05:15:45.667","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an \"Expect: 100-continue\" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai servers interpret the request, allowing an attacker to smuggle a second request in the original request body."},{"lang":"es","value":"Se detectó un problema en Akamai Ghost, utilizado en la plataforma CDN de Akamai antes del 26/03/2025. En determinadas circunstancias, un cliente que realiza una solicitud HTTP/1.x OPTIONS con un encabezado \"Expect: 100-continue\" y utiliza un plegado de línea obsoleto, puede generar una discrepancia en la interpretación de la solicitud por parte de dos servidores Akamai en la ruta, lo que permite a un atacante introducir una segunda solicitud en el cuerpo original."}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-444"}]}],"references":[{"url":"https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Status/100","source":"cve@mitre.org"},{"url":"https://www.akamai.com/blog/security/cve-2025-32094-http-request-smuggling","source":"cve@mitre.org"},{"url":"https://www.blackhat.com/us-25/briefings/schedule/#http1-must-die-the-desync-endgame-45103","source":"cve@mitre.org"},{"url":"https://www.rfc-editor.org/rfc/rfc9112.html#name-obsolete-line-folding","source":"cve@mitre.org"}]}}]}