1141 matches found

RedHat Linux
added 2020/05/28 3:58 p.m. | 1 view

netty: HttpObjectDecoder.java allows Content-Length header to be accompanied by second Content-Length header

A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding and Content-Length headers, where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a...

CVSS 9.1 | AI score 7.1 | EPSS 0.03657
Exploits 1 | References 4
Veracode
added 2020/05/27 3:19 a.m. | 22 views

HTTP Request Smuggling

haproxy is vulnerable to HTTP request smuggling. The vulnerability exists as the transfer-encoding header containing an obfuscated "chunked" value...

CVSS 7.5 | AI score 0.4 | EPSS 0.02818
Exploits 1 | References 12 | Affected Software 1
RedHat Linux
added 2020/05/26 4:9 p.m. | 3 views

netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling

A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling...

CVSS 7.5 | AI score 7.1 | EPSS 0.01498
Exploits 1 | References 5
RedHat Linux
added 2020/05/26 4:9 p.m. | 1 view

netty: HttpObjectDecoder.java allows Content-Length header to be accompanied by second Content-Length header

A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding and Content-Length headers, where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a...

CVSS 9.1 | AI score 7.1 | EPSS 0.03657
Exploits 1 | References 4
RedHat Linux
added 2020/05/26 10:43 a.m. | 4 views

haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated "chunked" value

A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request...

CVSS 7.5 | AI score 7.2 | EPSS 0.02818
Exploits 1 | References 4
Veracode
added 2020/05/26 5:32 a.m. | 34 views

HTTP Request Smuggling

puma is vulnerable to HTTP request smuggling. By using an invalid Transfer-Encoding header, an attacker is able to smuggle an HTTP request to bypass access controls and obtain confidential information...

CVSS 7.5 | AI score 1.2 | EPSS 0.01782
Exploits 0 | References 8 | Affected Software 1
Veracode
added 2020/05/26 5:20 a.m. | 14 views

HTTP Request Smuggling

meinheld is vulnerable to HTTP request smuggling. Lack of validation of the Content-Length and Transfer-Encoding headers allowed an attacker to perform HTTP smuggling attacks, which could lead to XSS attacks and poisoning of a user's web cache, and allows the attacker to obtain confidential...

CVSS 6.1 | AI score 3.2 | EPSS 0.00238
Exploits 0 | References 4 | Affected Software 1
CNVD
added 2020/05/25 12:0 a.m. | 19 views

Puma Environment Error Vulnerability (CNVD-2020-31666)

Puma is a web server for highly concurrent applications. Puma suffers from an environment error vulnerability. An attacker can exploit this vulnerability to conduct HTTP smuggling attacks with an invalid transfer-encoding header...

CVSS 7.5 | AI score 7.7 | EPSS 0.01782
Exploits 0 | References 1
CNVD
added 2020/05/25 12:0 a.m. | 1 view

meinheld environment error vulnerability

meinheld is a WSGI (Web Server Gateway Interface) asynchronous web server from the Japanese software developer Yutaka Matsubara. An environment error vulnerability exists in meinheld because the program does not properly parse the Content-Length and Transfer-Encoding headers. An attacker could...

CVSS 6.1 | AI score 6.8 | EPSS 0.00238
Exploits 0 | References 1
OSV
added 2020/05/22 4:15 p.m. | 8 views

CVE-2020-7658

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing...

CVSS 6.1 | AI score 6.3
Exploits 0 | References 2
PyPA
added 2020/05/22 4:15 p.m. | 4 views

PYSEC-2020-239

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing...

CVSS 6.1 | AI score 7.1 | EPSS 0.00238
Exploits 0 | References 2 | Affected Software 1
Prion
added 2020/05/22 4:15 p.m. | 11 views

Design/Logic Flaw

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing...

CVSS 4.3 | AI score 6.3 | EPSS 0.00238
Exploits 0 | References 2 | Affected Software 1
Snyk
added 2020/05/22 3:47 p.m. | 1 view

HTTP Request Smuggling

Overview: puma is a simple, fast, threaded, and highly concurrent HTTP 1.1 server for Ruby/Rack applications. Puma is intended for use in both development and production environments. It's great for highly concurrent Ruby implementations such as Rubinius and JRuby as well as providing process...

CVSS 7.5 | AI score 6.2 | EPSS 0.01782
Exploits 0 | References 2
OSV
added 2020/05/22 3:15 p.m. | 1 view

DEBIAN-CVE-2020-11076

In Puma RubyGem before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4...

CVSS 7.5 | AI score 6.2 | EPSS 0.01782
Exploits 0 | References 1
OSV
added 2020/05/22 3:15 p.m. | 0 views

UBUNTU-CVE-2020-11076

In Puma RubyGem before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4...

CVSS 7.5 | AI score 6.6 | EPSS 0.01782
Exploits 0 | References 6
UbuntuCve
added 2020/05/22 3:15 p.m. | 29 views

CVE-2020-11076

In Puma RubyGem before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4...

CVSS 7.5 | AI score 6.7 | EPSS 0.01782
Exploits 0 | References 5
Cvelist
added 2020/05/22 2:55 p.m. | 29 views

CVE-2020-11077 HTTP Smuggling via Transfer-Encoding Header in Puma

In Puma RubyGem before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the firs...

CVSS 6.8 | AI score 7.4 | EPSS 0.00821
Exploits 0 | References 6
Github Security Blog
added 2020/05/22 2:55 p.m. | 90 views

HTTP Smuggling via Transfer-Encoding Header in Puma

Impact: This is a similar but different vulnerability to the one patched in 3.12.5 and 4.3.4. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via...

CVSS 7.5 | AI score 1.2 | EPSS 0.00821
Exploits 0 | References 9 | Affected Software 1
OSV
added 2020/05/22 2:55 p.m. | 39 views

GHSA-W64W-QQPH-5GXM HTTP Smuggling via Transfer-Encoding Header in Puma

Impact: This is a similar but different vulnerability to the one patched in 3.12.5 and 4.3.4. A client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via...

CVSS 6.8 | AI score 7.4 | EPSS 0.00821
Exploits 0 | References 9
OSV
added 2020/05/22 2:55 p.m. | 27 views

GHSA-X7JG-6PWG-FX5H HTTP Smuggling via Transfer-Encoding Header in Puma

Impact: By using an invalid transfer-encoding header, an attacker could smuggle an HTTP response. Originally reported by @ZeddYu, who has our thanks for the detailed report. Patches: The problem has been fixed in Puma 3.12.5 and Puma 4.3.4. For more information: If you have any questions or comments...

CVSS 7.5 | AI score 7.5 | EPSS 0.01782
Exploits 0 | References 10