Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-18	CVE-2020-8201	HTTP Request Smuggling vulnerability in multiple products Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. network high complexity nodejs opensuse fedoraproject CWE-444	7.4
2020-09-02	CVE-2020-15810	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-444	6.5
2020-08-07	CVE-2020-9490	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. network low complexity apache oracle opensuse debian fedoraproject canonical redhat CWE-444	7.5
2020-08-07	CVE-2020-11993	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. network low complexity apache netapp canonical opensuse debian fedoraproject oracle CWE-444	7.5
2020-07-15	CVE-2019-19326	HTTP Request Smuggling vulnerability in Silverstripe Silverstripe CMS sites through 4.4.4 which have opted into HTTP Cache Headers on responses served by the framework's HTTP layer can be vulnerable to web cache poisoning. network high complexity silverstripe CWE-444	5.9
2020-06-30	CVE-2020-15049	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. network low complexity squid-cache fedoraproject CWE-444	8.8
2020-06-19	CVE-2019-20866	HTTP Request Smuggling vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.12.0. network low complexity mattermost CWE-444	5.3
2020-06-15	CVE-2018-21245	HTTP Request Smuggling vulnerability in Apsis Pound Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711. network low complexity apsis CWE-444 critical	9.1
2020-06-10	CVE-2020-7671	HTTP Request Smuggling vulnerability in Goliath Project Goliath goliath through 1.0.6 allows request smuggling attacks where goliath is used as a backend and a frontend proxy also being vulnerable. network low complexity goliath-project CWE-444	7.5
2020-06-10	CVE-2020-7670	HTTP Request Smuggling vulnerability in Ohler Agoo agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. network low complexity ohler CWE-444	7.5