Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-14 | CVE-2023-47641 | HTTP Request Smuggling vulnerability in Aiohttp aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. | 6.5 |
| 2023-11-03 | CVE-2023-46846 | HTTP Request Smuggling vulnerability in multiple products SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. | 5.3 |
| 2023-10-25 | CVE-2023-46137 | HTTP Request Smuggling vulnerability in Twistedmatrix Twisted Twisted is an event-based framework for internet applications. | 5.3 |
| 2023-10-09 | CVE-2023-30910 | HTTP Request Smuggling vulnerability in HPE products HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. | 5.4 |
| 2023-08-29 | CVE-2023-41265 | HTTP Request Smuggling vulnerability in Qlik Sense An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunneling HTTP requests in the raw HTTP request. | 9.9 |
| 2023-08-18 | CVE-2023-40175 | HTTP Request Smuggling vulnerability in Puma Puma is a Ruby/Rack web server built for parallelism. | 9.8 |
| 2023-08-10 | CVE-2023-40225 | HTTP Request Smuggling vulnerability in Haproxy HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. | 7.2 |
| 2023-08-09 | CVE-2023-33934 | HTTP Request Smuggling vulnerability in Apache Traffic Server Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: through 9.2.1. | 9.1 |
| 2023-08-04 | CVE-2023-38697 | HTTP Request Smuggling vulnerability in Socketry Protocol-Http1 protocol-http1 provides a low-level implementation of the HTTP/1 protocol. | 5.3 |
| 2023-08-04 | CVE-2023-34037 | HTTP Request Smuggling vulnerability in VMWare Horizon Client VMware Horizon Server contains a HTTP request smuggling vulnerability. | 5.3 |