Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-22 | CVE-2020-11076 | HTTP Request Smuggling vulnerability in multiple products In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. | 7.5 |
| 2020-05-21 | CVE-2020-7655 | HTTP Request Smuggling vulnerability in Hive Netius netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. | 6.1 |
| 2020-04-22 | CVE-2020-11506 | HTTP Request Smuggling vulnerability in Gitlab An issue was discovered in GitLab 10.7.0 and later through 12.9.2. | 7.5 |
| 2020-04-22 | CVE-2020-11505 | HTTP Request Smuggling vulnerability in Gitlab An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. | 7.5 |
| 2020-04-12 | CVE-2020-11724 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in OpenResty before 1.15.8.4. | 7.5 |
| 2020-03-30 | CVE-2020-7611 | HTTP Request Smuggling vulnerability in Objectcomputing Micronaut All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed to the client. | 9.8 |
| 2020-03-26 | CVE-2020-5129 | HTTP Request Smuggling vulnerability in Sonicwall Sma1000 Firmware 12.1.006411 A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. | 7.5 |
| 2020-03-23 | CVE-2020-1944 | HTTP Request Smuggling vulnerability in multiple products There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. | 9.8 |
| 2020-03-23 | CVE-2019-17565 | HTTP Request Smuggling vulnerability in multiple products There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and chunked encoding. | 9.8 |
| 2020-03-23 | CVE-2019-17559 | HTTP Request Smuggling vulnerability in multiple products There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and scheme parsing. | 9.8 |