Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-11 | CVE-2019-0197 | HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. | 4.2 |
| 2019-03-21 | CVE-2018-4030 | HTTP Request Smuggling vulnerability in Getcujo Smart Firewall 7003 An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall, version 7003. | 7.5 |
| 2018-08-29 | CVE-2018-8004 | HTTP Request Smuggling vulnerability in multiple products There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). | 6.5 |
| 2018-08-28 | CVE-2018-3908 | HTTP Request Smuggling vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. | 7.5 |
| 2018-08-24 | CVE-2018-3909 | HTTP Request Smuggling vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 8.6 |
| 2018-08-24 | CVE-2018-3907 | HTTP Request Smuggling vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 10.0 |
| 2018-08-06 | CVE-2018-7068 | HTTP Request Smuggling vulnerability in HP Centralview Fraud Risk Management HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. | 6.1 |
| 2018-07-27 | CVE-2017-12165 | HTTP Request Smuggling vulnerability in Redhat Undertow It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling. | 7.5 |
| 2018-07-27 | CVE-2017-2666 | HTTP Request Smuggling vulnerability in multiple products It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. | 6.5 |
| 2018-06-26 | CVE-2017-7658 | HTTP Request Smuggling vulnerability in multiple products In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. | 9.8 |