Lucene search
K

7 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.2 views

SUSE CVE-2020-15049

An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace...

8.5CVSS7AI score0.05706EPSS
Exploits0References11
OSV
OSV
added 2020/06/30 6:15 p.m.2 views

ALPINE-CVE-2020-15049

An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace...

8.8CVSS7AI score0.05706EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2018/01/03 10:31 a.m.3 views

undertow: improper whitespace parsing leading to potential HTTP request smuggling

It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...

7.5CVSS7.4AI score0.01858EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 6:26 p.m.2 views

undertow: improper whitespace parsing leading to potential HTTP request smuggling

It was discovered that Undertow processes http request headers with unusual whitespaces which can cause possible http request smuggling...

7.5CVSS7.4AI score0.01858EPSS
Exploits0References4
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.5 views

BSA-2017-286

Security Advisory ID : BSA-2017-286 Component : Apache Revision : 1.0: Interim Apache HTTP Server, prior to release 2.4.25, accepted a broad pattern of unusual whitespace patterns from the user-agent, including bare CR, FF, VTAB in parsing the request line and request header lines, as well as HTA...

7.5CVSS9.5AI score0.13252EPSS
Exploits0
NVD
NVD
added 2005/12/10 11:3 a.m.13 views

CVE-2005-4144

Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORDER BY" columns to SQL queries via unusual whitespace characters in the orderby parameter, such as 1 newlines and 2 0xFF ASCII 255 characters, which are interpreted as whitespace...

7.5CVSS7.2AI score0.0176EPSS
Exploits0References7
Cvelist
Cvelist
added 2005/12/10 11:0 a.m.18 views

CVE-2005-4144

Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORDER BY" columns to SQL queries via unusual whitespace characters in the orderby parameter, such as 1 newlines and 2 0xFF ASCII 255 characters, which are interpreted as whitespace...

7.2AI score0.0176EPSS
Exploits0References7
Rows per page
Query Builder