Lucene search
GoogleOSV:GHSA-G4X3-MFPJ-F335HistoryJan 22, 2024 - 6:30 a.m.
chasquid HTTP Request/Response Smuggling vulnerability
2024-01-2206:30:32
Google
osv.dev
4
chasquid
http
request
response
smuggling
vulnerability
smtp
lf-terminated
lines
software
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.8 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.0%
chasquid before 1.13 allows SMTP smuggling because LF-terminated lines are accepted.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/albertito/chasquid | lt | 1.13 |
Related
cve
cve
CVE-2023-52354
2024-01-22 06:15:07
gitlab
gitlab
github
github
chasquid HTTP Request/Response Smuggling vulnerability
2024-01-22 06:30:32
ubuntucve
ubuntucve
CVE-2023-52354
2024-01-22 00:00:00
nvd
nvd
CVE-2023-52354
2024-01-22 06:15:07
veracode
veracode
HTTP Request Smuggling
2024-01-29 19:59:33
debiancve
debiancve
CVE-2023-52354
2024-01-22 06:15:07
osv
osv
prion
prion
Design/Logic Flaw
2024-01-22 06:15:00
cvelist
cvelist
CVE-2023-52354
2024-01-22 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
6.8 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
18.0%
Related for OSV:GHSA-G4X3-MFPJ-F335