Vulnerabilities > Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-14 | CVE-2022-32214 | HTTP Request Smuggling vulnerability in multiple products The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not strictly use the CRLF sequence to delimit HTTP requests. | 6.5 |
| 2022-07-14 | CVE-2022-32215 | HTTP Request Smuggling vulnerability in multiple products The llhttp parser <v14.20.1, <v16.17.1 and <v18.9.1 in the http module in Node.js does not correctly handle multi-line Transfer-Encoding headers. | 6.5 |
| 2022-07-07 | CVE-2021-46825 | HTTP Request Smuggling vulnerability in Broadcom Advanced Secure Gateway and Proxysg Symantec Advanced Secure Gateway (ASG) and ProxySG are susceptible to an HTTP desync vulnerability. | 9.1 |
| 2022-06-09 | CVE-2022-26377 | HTTP Request Smuggling vulnerability in multiple products Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. | 7.5 |
| 2022-05-25 | CVE-2022-29361 | HTTP Request Smuggling vulnerability in Palletsprojects Werkzeug Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. | 9.8 |
| 2022-03-21 | CVE-2022-24766 | HTTP Request Smuggling vulnerability in Mitmproxy mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. | 9.8 |
| 2022-03-17 | CVE-2022-24761 | HTTP Request Smuggling vulnerability in multiple products Waitress is a Web Server Gateway Interface server for Python 2 and 3. | 7.5 |
| 2022-03-14 | CVE-2022-22720 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling | 9.8 |
| 2022-02-09 | CVE-2021-41442 | HTTP Request Smuggling vulnerability in Dlink Dir-X1860 Firmware 1.03 An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet. | 7.5 |
| 2022-01-28 | CVE-2021-42791 | HTTP Request Smuggling vulnerability in Veridiumid Veridiumad 2.5.3.0 An issue was discovered in VeridiumID VeridiumAD 2.5.3.0. | 7.3 |