5 matches found
CVE-2024-23452
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
CVE-2024-23452
creationtimestamp| type| source ---|---|--- 2024-02-08 10:21:31+00:00| seen| https://t.me/ctinow/181265 2024-02-11 13:24:07+00:00| published-proof-of-concept| https://t.me/arpsyndicate/3385 2024-03-02 09:06:38+00:00| seen| https://t.me/ctinow/198278...
CVE-2024-23452
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
CVE-2024-23452 Apache bRPC: HTTP request smuggling vulnerability
Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.51.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The httpparser does not comply with the RFC-7230 HTTP 1.1 specification. Attack scenario: If a message is received with both a...
CVE-2024-23452
Apache bRPC’s HTTP server (versions 0.9.5–1.7.0) is affected by a request-smuggling issue caused by non-compliance of the http_parser with RFC 7230 when handling messages with both Transfer-Encoding and Content-Length. In the described scenario, a frontend server using TE can cause a backend bRPC...