VYPR

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

BaseIncomplete

Description

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-273 · CAPEC-33

CVEs mapped to this weakness (200)

page 9 of 10
  • CVE-2021-32715Jul 7, 2021
    risk 0.00cvss epss 0.01

    hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a `Content-Length` header with a prefixed plus sign, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that doesn't…

  • CVE-2021-30180May 31, 2021
    risk 0.00cvss epss 0.60

    Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request in order to find the right endpoint. When parsing these YAML rules, Dubbo customers may enable…

  • CVE-2021-21409Mar 30, 2021
    risk 0.00cvss epss 0.05

    Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request…

  • CVE-2021-21295Mar 9, 2021
    risk 0.00cvss epss 0.19

    Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request…

  • CVE-2021-20220Feb 23, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a…

  • CVE-2021-23339Feb 17, 2021
    risk 0.00cvss epss 0.01

    This affects all versions before 10.1.14 and from 10.2.0 to 10.2.4 of package com.typesafe.akka:akka-http-core. It allows multiple Transfer-Encoding headers.

  • CVE-2021-21299Feb 11, 2021
    risk 0.00cvss epss 0.05

    hyper is an open-source HTTP library for Rust (crates.io). In hyper from version 0.12.0 and before versions 0.13.10 and 0.14.3 there is a vulnerability that can enable a request smuggling attack. The HTTP server code had a flaw that incorrectly understands some requests with…

  • CVE-2020-28483Jan 20, 2021
    risk 0.00cvss epss 0.01

    This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.

  • CVE-2020-28473Jan 18, 2021
    risk 0.00cvss epss 0.02

    The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the…

  • CVE-2020-35863Dec 31, 2020
    risk 0.00cvss epss 0.03

    An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface.

  • CVE-2020-35884Dec 31, 2020
    risk 0.00cvss epss 0.01

    An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header.

  • CVE-2020-26281Dec 21, 2020
    risk 0.00cvss epss 0.01

    async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server…

  • CVE-2020-7764Nov 8, 2020
    risk 0.00cvss epss 0.02

    This affects the package find-my-way before 2.2.5, from 3.0.0 and before 3.0.5. It accepts the Accept-Version' header by default, and if versioned routes are not being used, this could lead to a denial of service. Accept-Version can be used as an unkeyed header in a cache…

  • CVE-2020-25613Oct 6, 2020
    risk 0.00cvss epss 0.04

    An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy…

  • CVE-2020-10687Sep 23, 2020
    risk 0.00cvss epss 0.01

    A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. This flaw allows an attacker to poison a…

  • CVE-2019-19326Jul 15, 2020
    risk 0.00cvss epss 0.01

    Silverstripe CMS sites through 4.4.4 which have opted into HTTP Cache Headers on responses served by the framework's HTTP layer can be vulnerable to web cache poisoning. Through modifying the X-Original-Url and X-HTTP-Method-Override headers, responses with malicious HTTP…

  • CVE-2020-7670Jun 10, 2020
    risk 0.00cvss epss 0.01

    agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. It is…

  • CVE-2020-7671Jun 10, 2020
    risk 0.00cvss epss 0.01

    goliath through 1.0.6 allows request smuggling attacks where goliath is used as a backend and a frontend proxy also being vulnerable. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding…

  • CVE-2020-7659Jun 1, 2020
    risk 0.00cvss epss 0.01

    reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were…

  • CVE-2020-10719May 26, 2020
    risk 0.00cvss epss 0.01

    A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.