Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-07 | CVE-2020-9490 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. | 7.5 |
2020-08-07 | CVE-2020-11993 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. | 7.5 |
2020-07-15 | CVE-2019-19326 | HTTP Request Smuggling vulnerability in Silverstripe Silverstripe CMS sites through 4.4.4 which have opted into HTTP Cache Headers on responses served by the framework's HTTP layer can be vulnerable to web cache poisoning. | 5.9 |
2020-06-30 | CVE-2020-15049 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. | 8.8 |
2020-06-19 | CVE-2019-20866 | HTTP Request Smuggling vulnerability in Mattermost Server An issue was discovered in Mattermost Server before 5.12.0. | 5.3 |
2020-06-15 | CVE-2018-21245 | HTTP Request Smuggling vulnerability in Apsis Pound Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711. | 9.1 |
2020-06-10 | CVE-2020-7671 | HTTP Request Smuggling vulnerability in Goliath Project Goliath goliath through 1.0.6 allows request smuggling attacks where goliath is used as a backend and a frontend proxy also being vulnerable. | 7.5 |
2020-06-10 | CVE-2020-7670 | HTTP Request Smuggling vulnerability in Ohler Agoo agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. | 7.5 |
2020-06-01 | CVE-2020-7659 | HTTP Request Smuggling vulnerability in Celluloid Reel reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. | 7.5 |
2020-05-26 | CVE-2020-10719 | HTTP Request Smuggling vulnerability in multiple products A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. | 6.5 |