rpm package
suse/python-waitress&distro=SUSE Linux Enterprise High Performance Computing 15-ESPOS
pkg:rpm/suse/python-waitress&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-24761 | Hig | 7.5 | < 1.4.3-150000.3.6.1 | 1.4.3-150000.3.6.1 | Mar 17, 2022 | Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one requ | |
| CVE-2019-16792 | Hig | 7.1 | < 1.4.3-3.3.1 | 1.4.3-3.3.1 | Jan 22, 2020 | Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. | |
| CVE-2019-16789 | Hig | 7.1 | < 1.4.3-3.3.1 | 1.4.3-3.3.1 | Dec 26, 2019 | In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests contain | |
| CVE-2019-16786 | Hig | 7.1 | < 1.4.3-3.3.1 | 1.4.3-3.3.1 | Dec 20, 2019 | Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separ | |
| CVE-2019-16785 | Hig | 7.1 | < 1.4.3-3.3.1 | 1.4.3-3.3.1 | Dec 20, 2019 | Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if |
- affected < 1.4.3-150000.3.6.1fixed 1.4.3-150000.3.6.1
Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one requ
- affected < 1.4.3-3.3.1fixed 1.4.3-3.3.1
Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally.
- affected < 1.4.3-3.3.1fixed 1.4.3-3.3.1
In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests contain
- affected < 1.4.3-3.3.1fixed 1.4.3-3.3.1
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separ
- affected < 1.4.3-3.3.1fixed 1.4.3-3.3.1
Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if