Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-25 | CVE-2024-9666 | A vulnerability was found in the Keycloak Server. | 4.7 |
2024-11-17 | CVE-2023-4639 | A flaw was found in Undertow, which incorrectly parses cookies with certain value-delimiting characters in incoming requests. | 7.4 |
2024-10-08 | CVE-2024-9622 | A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. | 5.3 |
2024-09-19 | CVE-2024-45614 | HTTP Request Smuggling vulnerability in Puma Puma is a Ruby/Rack web server built for parallelism. | 5.4 |
2024-09-08 | CVE-2024-42342 | HTTP Request Smuggling vulnerability in Loway Queuemetrics 22.11.6/23.09/24.05 Loway - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') | 4.3 |
2024-06-10 | CVE-2024-22279 | HTTP Request Smuggling vulnerability in Cloudfoundry Cf-Deployment and Routing Release Improper handling of requests in Routing Release > v0.273.0 and <= v0.297.0 allows an unauthenticated attacker to degrade the service availability of the Cloud Foundry deployment if performed at scale. | 7.5 |
2024-06-04 | CVE-2024-23326 | HTTP Request Smuggling vulnerability in Envoyproxy Envoy Envoy is a cloud-native, open source edge and service proxy. | 8.2 |
2024-01-22 | CVE-2023-52354 | HTTP Request Smuggling vulnerability in Blitiri Chasquid chasquid before 1.13 allows SMTP smuggling because LF-terminated lines are accepted. | 7.5 |
2024-01-08 | CVE-2023-51701 | HTTP Request Smuggling vulnerability in Fastify Reply-From fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. | 7.5 |
2023-11-28 | CVE-2023-46589 | HTTP Request Smuggling vulnerability in Apache Tomcat Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. | 7.5 |