Lucene search
+L

385 matches found

OSV
OSV
added 2019/12/20 11:15 p.m.4 views

PYSEC-2019-137

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

7.5CVSS6.8AI score0.02545EPSS
Exploits0References6
OSV
OSV
added 2019/12/20 11:15 p.m.2 views

PYSEC-2019-67

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

5.9AI score
Exploits0References6
OSV
OSV
added 2019/12/20 11:15 p.m.10 views

PYSEC-2019-66

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end serve...

6.6AI score
Exploits0References6
OSV
OSV
added 2019/12/20 11:15 p.m.10 views

UBUNTU-CVE-2019-16786

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

7.5CVSS6.7AI score0.02545EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2019/12/20 11:4 p.m.4 views

chellow (>=2050.0.0 <=2230.0.0), dcicsnovault (>=2.0.0b0 <=2.0.0b11) +11 more potentially affected by CVE-2019-16792 via waitress (>=0.8.10 <=1.3.1)

waitress PYPI version =0.8.10, =2050.0.0, =2.0.0b0, =1.4.0, =17.4.0, =1.1.0.dev20170908, =1.3.7, =0.9.1, =1.0.3, =1.0.4 Source cves: CVE-2019-16792 Source advisory: OSV:GHSA-4PPP-GPCR-7QF6...

7.5CVSS6.7AI score0.02122EPSS
Exploits0
OSV
OSV
added 2019/12/20 11:4 p.m.31 views

GHSA-4PPP-GPCR-7QF6 HTTP Request Smuggling: Content-Length Sent Twice in Waitress

Impact Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. So a request with: Content-Length: 10 Content-Length: 10 would get transformed to: Content-Length: 10, 10 Whic...

7.5CVSS7.4AI score0.02122EPSS
Exploits0References8
Github Security Blog
Github Security Blog
added 2019/12/20 11:4 p.m.129 views

HTTP Request Smuggling: Content-Length Sent Twice in Waitress

Impact Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. So a request with: Content-Length: 10 Content-Length: 10 would get transformed to: Content-Length: 10, 10 Whic...

7.5CVSS6.8AI score0.02122EPSS
Exploits0References8Affected Software1
vulnersOsv
vulnersOsv
added 2019/12/20 11:4 p.m.5 views

chellow (>=2050.0.0 <=2230.0.0), dcicsnovault (>=2.0.0b0 <=2.0.0b11) +11 more potentially affected by CVE-2019-16786 via waitress (>=0.8.10 <=1.3.1)

waitress PYPI version =0.8.10, =2050.0.0, =2.0.0b0, =1.4.0, =17.4.0, =1.1.0.dev20170908, =1.3.7, =0.9.1, =1.0.3, =1.0.4 Source cves: CVE-2019-16786 Source advisory: OSV:GHSA-G2XC-35JW-C63P...

7.5CVSS6.7AI score0.02545EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2019/12/20 11:4 p.m.152 views

HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress

Impact Waitress would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most...

7.5CVSS0.02545EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2019/12/20 11:4 p.m.34 views

GHSA-G2XC-35JW-C63P HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress

Impact Waitress would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most...

7.1CVSS7.5AI score0.02545EPSS
Exploits0References11
vulnersOsv
vulnersOsv
added 2019/12/20 11:3 p.m.5 views

chellow (>=2050.0.0 <=2230.0.0), dcicsnovault (>=2.0.0b0 <=2.0.0b11) +11 more potentially affected by CVE-2019-16785 via waitress (>=0.8.10 <=1.3.1)

waitress PYPI version =0.8.10, =2050.0.0, =2.0.0b0, =1.4.0, =17.4.0, =1.1.0.dev20170908, =1.3.7, =0.9.1, =1.0.3, =1.0.4 Source cves: CVE-2019-16785 Source advisory: OSV:GHSA-PG36-WPM5-G57P...

7.5CVSS6.7AI score0.02714EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2019/12/20 11:3 p.m.188 views

HTTP Request Smuggling: LF vs CRLF handling in Waitress

Impact Waitress implemented a "MAY" part of the RFC7230 https://tools.ietf.org/html/rfc7230section-3.5 which states: Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR...

7.5CVSS0.1AI score0.02714EPSS
Exploits1References11Affected Software1
OSV
OSV
added 2019/12/20 11:3 p.m.31 views

GHSA-PG36-WPM5-G57P HTTP Request Smuggling: LF vs CRLF handling in Waitress

Impact Waitress implemented a "MAY" part of the RFC7230 https://tools.ietf.org/html/rfc7230section-3.5 which states: Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR...

7.1CVSS7.5AI score0.02714EPSS
Exploits1References11
Cvelist
Cvelist
added 2019/12/20 11:0 p.m.41 views

CVE-2019-16785 HTTP Request Smuggling: LF vs CRLF handling in Waitress

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end serve...

7.1CVSS7.4AI score0.02714EPSS
Exploits1References8
CVE
CVE
added 2019/12/20 11:0 p.m.300 views

CVE-2019-16785

Summary: The vulnerability CVE-2019-16785 affects Waitress (Python WSGI server) up to v1.3.1. It relates to RFC7230’s line-termination rule: Waitress may treat messages inconsistently when a proxy uses LF vs CRLF, enabling HTTP request smuggling/splitting. Impact is the front-end and back-end par...

7.5CVSS7.1AI score0.02714EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2019/12/20 11:0 p.m.45 views

CVE-2019-16785

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end serve...

7.5CVSS6.5AI score0.02714EPSS
Exploits1
AlpineLinux
AlpineLinux
added 2019/12/20 11:0 p.m.50 views

CVE-2019-16785

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end serve...

7.5CVSS7.2AI score0.02714EPSS
Exploits1
Debian CVE
Debian CVE
added 2019/12/20 11:0 p.m.74 views

CVE-2019-16786

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

7.5CVSS6.5AI score0.02545EPSS
Exploits0
Cvelist
Cvelist
added 2019/12/20 11:0 p.m.34 views

CVE-2019-16786 HTTP Request Smuggling: Invalid Transfer-Encoding in Waitress

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

7.1CVSS7.4AI score0.02545EPSS
Exploits0References8
CVE
CVE
added 2019/12/20 11:0 p.m.315 views

CVE-2019-16786

Waitress (Python WSGI server) before version 1.4.0 exposed an HTTP request-smuggling vulnerability related to Transfer-Encoding. If a request’s Transfer-Encoding header was not finalised as chunked, Waitress could ignore the header and fall back to Content-Length, potentially allowing HTTP pipeli...

7.5CVSS7AI score0.02545EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder