Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-21	CVE-2020-26281	HTTP Request Smuggling vulnerability in Rust-Lang Async-H1 async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). network high complexity rust-lang CWE-444	7.5
2020-11-18	CVE-2020-28361	HTTP Request Smuggling vulnerability in Kamailio Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. network low complexity kamailio CWE-444	5.4
2020-11-16	CVE-2020-26129	HTTP Request Smuggling vulnerability in Jetbrains Ktor In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible. network low complexity jetbrains CWE-444	6.5
2020-11-08	CVE-2020-7764	HTTP Request Smuggling vulnerability in Find-My-Way Project Find-My-Way This affects the package find-my-way before 2.2.5, from 3.0.0 and before 3.0.5. network low complexity find-my-way-project CWE-444	7.5
2020-10-06	CVE-2020-25613	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. network low complexity ruby-lang fedoraproject CWE-444	7.5
2020-09-23	CVE-2020-10687	HTTP Request Smuggling vulnerability in Redhat Undertow 1.0.0 A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. network high complexity redhat CWE-444	4.8
2020-09-18	CVE-2020-8201	HTTP Request Smuggling vulnerability in multiple products Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. network high complexity nodejs opensuse fedoraproject CWE-444	7.4
2020-09-02	CVE-2020-15810	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-444	6.5
2020-08-07	CVE-2020-9490	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. network low complexity apache oracle opensuse debian fedoraproject canonical redhat CWE-444	7.5
2020-08-07	CVE-2020-11993	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. network low complexity apache netapp canonical opensuse debian fedoraproject oracle CWE-444	7.5