VYPR

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Abstraction: Base · Status: Incomplete

Description

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-273 (HTTP Response Smuggling) · CAPEC-33 (HTTP Request Smuggling)

CVEs mapped to this weakness (200)

page 1 of 10
  • CVE-2025-1867 · Critical · Mar 3, 2025
    risk 0.65 · cvss n/a · epss 0.00

    Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in ithewei libhv allows HTTP Response Smuggling. This issue affects libhv: through 1.3.3.

  • CVE-2018-3907 · Critical · Aug 24, 2018
    risk 0.65 · cvss 10.0 · epss 0.01

    An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the…

  • CVE-2017-7658 · Critical · Jun 26, 2018
    risk 0.65 · cvss 9.8 · epss 0.21

    In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two Content-Length headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the…

  • CVE-2017-7657 · Critical · Jun 26, 2018
    risk 0.65 · cvss 9.8 · epss 0.16

    In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size…

  • CVE-2026-41873 · Critical · Apr 28, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    ** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Pony Mail leading to admin account takeover. This issue affects all versions of the Lua implementation of Pony Mail. There is a Python…

  • CVE-2016-10711 · Critical · Jan 29, 2018
    risk 0.64 · cvss 9.8 · epss 0.03

    Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.

  • CVE-2023-29476 · Critical · Dec 14, 2024
    risk 0.59 · cvss 9.1 · epss 0.00

    In Menlo On-Premise Appliance before 2.88, web policy may not be consistently applied properly to intentionally malformed client requests. This is fixed in 2.88.2+, 2.89.1+, and 2.90.1+.

  • CVE-2024-41110 · Critical · Jul 24, 2024
    risk 0.59 · cvss 9.9 · epss 0.17

    Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base…

  • CVE-2026-45372 · Critical · May 29, 2026
    risk 0.57 · cvss 9.9 · epss 0.00

    cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check (is_field_value) is run…

  • CVE-2024-23316 · High · May 31, 2024
    risk 0.57 · cvss n/a · epss 0.01

    HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected allows an attacker to send specially crafted http header requests to create a request smuggling condition for proxied requests.

  • CVE-2015-5740 · Critical · Oct 18, 2017
    risk 0.57 · cvss 9.8 · epss 0.04

    The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Content-length headers.

  • CVE-2015-5739 · Critical · Oct 18, 2017
    risk 0.57 · cvss 9.8 · epss 0.10

    The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instead of a hyphen, as demonstrated by "Content Length" instead of "Content-Length."

  • CVE-2025-41235 · High · May 30, 2025
    risk 0.56 · cvss 8.6 · epss 0.00

    Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies.

  • CVE-2024-38494 · High · Jul 15, 2024
    risk 0.56 · cvss n/a · epss 0.01

    This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.

  • CVE-2018-3909 · High · Aug 24, 2018
    risk 0.56 · cvss 8.6 · epss 0.01

    An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the…

  • CVE-2026-23941 · Critical · Mar 13, 2026
    risk 0.54 · cvss 9.4 · epss 0.01

    Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/http_server/httpd_request.erl and program routines…

  • CVE-2025-14523 · High · Dec 11, 2025
    risk 0.53 · cvss 8.2 · epss 0.01

    A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to…

  • CVE-2017-8894 · High · Jul 2, 2017
    risk 0.53 · cvss 8.1 · epss 0.02

    AeroAdmin 4.1 uses an insecure protocol (HTTP) to perform software updates. An attacker can hijack an update via man-in-the-middle in order to execute code in the machine.

  • CVE-2026-48746 · Critical · Jun 16, 2026
    risk 0.52 · cvss n/a · epss 0.01

    Summary: A vulnerability in ASGI web servers and starlette's trust in those web servers enables an authentication bypass of the OpenAI API `AuthenticationMiddleware`, which was discovered during @x41sec's source code audit. It allows use of the API without providing the…

  • CVE-2025-43859 · Critical · Apr 24, 2025
    risk 0.52 · cvss 9.1 · epss 0.01

    h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since…
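The entries above share one root cause stated in the description: the intermediary and the origin disagree on where a request ends. The following is an added example, written for this page and not code from VYPR, MITRE, or any of the projects in the CVE list. It is a strict HTTP/1.1 request framer of the kind a gateway should run: it rejects every framing ambiguity the listed CVEs describe (two Content-Length headers as in CVE-2015-5740 and CVE-2017-7658, Content-Length next to Transfer-Encoding as in the Jetty entries, a header name with a space such as "Content Length" as in CVE-2015-5739, more than one Host header as in CVE-2025-14523, bare-LF or oversized chunk-size lines as in CVE-2025-43859 and CVE-2017-7657) and, for contrast, models two lenient agents that honour the first and the last Content-Length respectively so the resulting desync is visible. Every request in it is a constructed sample; the function and constant names are the example's own.

```python
# Added example (not VYPR, MITRE, or any listed project's code): a strict HTTP/1.1
# framer that rejects the ambiguities the CVEs above describe, plus two lenient
# agents that disagree on a duplicate Content-Length. All requests are constructed.
import re
from typing import Optional, Tuple

TOKEN_RE = re.compile(rb"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")  # RFC 9110 tchar


class AmbiguousFraming(ValueError):
    """Raised for any request two HTTP agents might frame differently."""


def parse_headers(raw: bytes):
    """Return (request_line, [(lower_name, value)], body_offset)."""
    head, sep, _ = raw.partition(b"\r\n\r\n")
    if not sep:
        raise AmbiguousFraming("no CRLFCRLF header terminator")
    lines, headers = head.split(b"\r\n"), []
    for line in lines[1:]:
        if b"\n" in line:  # a bare LF survived the CRLF split
            raise AmbiguousFraming("bare LF inside header block")
        name, colon, value = line.partition(b":")
        if not colon or not TOKEN_RE.fullmatch(name):  # rejects "Content Length"
            raise AmbiguousFraming("malformed header name %r" % name)
        headers.append((name.lower(), value.strip(b" \t")))
    return lines[0], headers, len(head) + 4


def body_length(headers) -> Optional[int]:
    """Content-Length as int, None for chunked; raise on any ambiguity."""
    cl = [v for n, v in headers if n == b"content-length"]
    te = [v for n, v in headers if n == b"transfer-encoding"]
    if sum(1 for n, _ in headers if n == b"host") != 1:
        raise AmbiguousFraming("Host must appear exactly once")
    if cl and te:
        raise AmbiguousFraming("both Content-Length and Transfer-Encoding")
    if te:
        if len(te) != 1 or te[0].lower() != b"chunked":
            raise AmbiguousFraming("Transfer-Encoding must be exactly 'chunked'")
        return None
    if len(cl) > 1:  # RFC 9110 tolerates identical copies; a gateway should not
        raise AmbiguousFraming("conflicting Content-Length values")
    if cl and not re.fullmatch(rb"[0-9]+", cl[0]):
        raise AmbiguousFraming("non-decimal Content-Length")
    return int(cl[0]) if cl else 0


def dechunk(body: bytes) -> Tuple[bytes, int]:
    """Decode a chunked body; every size line and chunk must end in CRLF."""
    out, pos = bytearray(), 0
    while True:
        end = body.find(b"\r\n", pos)
        if end < 0:
            raise AmbiguousFraming("chunk size line not CRLF-terminated")
        size_field = body[pos:end].split(b";", 1)[0]  # drop chunk extensions
        if not re.fullmatch(rb"[0-9A-Fa-f]{1,7}", size_field):  # bounded size
            raise AmbiguousFraming("bad chunk size %r" % size_field)
        size, pos = int(size_field, 16), end + 2
        if size == 0:
            if body[pos:pos + 2] != b"\r\n":  # only an empty trailer is accepted
                raise AmbiguousFraming("missing final CRLF after last chunk")
            return bytes(out), pos + 2
        if body[pos + size:pos + size + 2] != b"\r\n":
            raise AmbiguousFraming("chunk data not followed by CRLF")
        out += body[pos:pos + size]
        pos += size + 2


def frame_strict(raw: bytes) -> Tuple[bytes, int]:
    """Return (body, offset of the next request) or raise AmbiguousFraming."""
    _, headers, start = parse_headers(raw)
    n = body_length(headers)
    if n is None:
        body, used = dechunk(raw[start:])
        return body, start + used
    if len(raw) - start < n:
        raise AmbiguousFraming("body shorter than Content-Length")
    return raw[start:start + n], start + n


def check(raw: bytes) -> str:
    """'ok' when the request frames unambiguously, else the rejection reason."""
    try:
        frame_strict(raw)
        return "ok"
    except AmbiguousFraming as exc:
        return str(exc)


def frame_lenient(raw: bytes, prefer: str) -> int:
    """A lenient agent honouring the 'first' or 'last' Content-Length; returns
    the offset where it believes the next request on the connection begins."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    cl = [int(l.split(b":", 1)[1].strip()) for l in head.split(b"\r\n")[1:]
          if l.lower().startswith(b"content-length:")]
    return len(head) + 4 + (cl[0] if prefer == "first" else cl[-1])


# Constructed sample: a front end using the first Content-Length forwards "GET /a"
# as the body; a back end using the last one treats "GET /admin ..." as a new request.
SMUGGLE = (b"POST / HTTP/1.1\r\nHost: example.test\r\n"
           b"Content-Length: 6\r\nContent-Length: 0\r\n\r\n"
           b"GET /admin HTTP/1.1\r\nHost: example.test\r\n\r\n")

if __name__ == "__main__":
    print(check(SMUGGLE), frame_lenient(SMUGGLE, "first"), frame_lenient(SMUGGLE, "last"))
```

Running it shows the strict framer refusing SMUGGLE outright, while the "first" and "last" agents place the next request six bytes apart: the one honouring the last header already sees "GET /admin" as a second request. The same check function can be pointed at the other variants in the list (a "Content Length" header, a chunked body whose size line ends in a bare LF, two Host headers) and each is rejected with its own reason, which is the behaviour a CWE-444-resistant intermediary needs: refuse anything the origin might count differently rather than pick an interpretation and forward it.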