Inconsistent Interpretation of HTTP Requests (βHTTP Request Smugglingβ)Β vulnerability in Apache APISIX when using forward-auth
plugin.This issue affects Apache APISIX: from 3.8.0, 3.9.0.
Users are recommended to upgrade to version 3.8.1, 3.9.1 or higher, which fixes the issue.
[
{
"defaultStatus": "unaffected",
"product": "Apache APISIX",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.9.0",
"status": "affected",
"version": "3.8.0",
"versionType": "custom"
}
]
}
]