VYPR

apk package

chainguard/py3.11-gunicorn

pkg:apk/chainguard/py3.11-gunicorn

Vulnerabilities (1)

  • CVE-2024-1135HigApr 16, 2024
    affected < 22.0.0-r0fixed 22.0.0-r0

    Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due t