Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-06 | CVE-2023-26137 | HTTP Request Smuggling vulnerability in Drogon All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values in the addHeader and addCookie functions. | 6.1 |
2023-05-30 | CVE-2023-33193 | HTTP Request Smuggling vulnerability in Emby Emby.Releases Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. | 9.1 |
2023-04-11 | CVE-2023-25950 | HTTP Request Smuggling vulnerability in Haproxy HTTP request/response smuggling vulnerability in HAProxy version 2.7.0, and 2.6.1 to 2.6.7 allows a remote attacker to alter a legitimate user's request. | 7.3 |
2023-04-04 | CVE-2023-27493 | HTTP Request Smuggling vulnerability in Envoyproxy Envoy Envoy is an open source edge and service proxy designed for cloud-native applications. | 9.1 |
2023-04-04 | CVE-2023-27491 | HTTP Request Smuggling vulnerability in Envoyproxy Envoy Envoy is an open source edge and service proxy designed for cloud-native applications. | 9.1 |
2023-01-20 | CVE-2023-23691 | HTTP Request Smuggling vulnerability in Dell products Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. | 8.8 |
2023-01-13 | CVE-2022-41721 | HTTP Request Smuggling vulnerability in Golang H2C A request smuggling attack is possible when using MaxBytesHandler. | 7.5 |
2022-12-05 | CVE-2022-35256 | HTTP Request Smuggling vulnerability in multiple products The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. | 6.5 |
2022-11-23 | CVE-2022-38114 | HTTP Request Smuggling vulnerability in Solarwinds Security Event Manager This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. | 6.1 |
2022-11-09 | CVE-2022-45059 | HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. | 7.5 |