Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:10 a.m.7 views

CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

7.5CVSS6.3AI score0.02122EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/05/13 12:0 a.m.23 views

Debian: Security Advisory (DLA-3000-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS7.8AI score0.02714EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2020:3269-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.5AI score0.02714EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2020/11/17 12:0 a.m.41 views

openSUSE Security Update : python-waitress (openSUSE-2020-1911)

This update for python-waitress to 1.4.3 fixes the following security issues : - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...

8.2CVSS6.3AI score0.02714EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2020/11/17 12:0 a.m.30 views

openSUSE Security Update : python-waitress (openSUSE-2020-1922)

This update for python-waitress to 1.4.3 fixes the following security issues : - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...

8.2CVSS6.3AI score0.02714EPSS
Exploits1References8
OSV
OSV
added 2020/11/10 2:58 p.m.11 views

SUSE-SU-2020:3269-1 Security update for python-waitress

This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling bsc1161088. - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding bsc1161089. - CVE-2019-16789: HTTP request smuggling through...

8.2CVSS7.7AI score0.02714EPSS
Exploits1References9
NVD
NVD
added 2020/01/22 7:15 p.m.18 views

CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

7.5CVSS6.9AI score0.02122EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2020/01/22 7:15 p.m.39 views

CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

7.5CVSS6.8AI score0.02122EPSS
Exploits0References3
CVE
CVE
added 2020/01/22 6:30 p.m.197 views

CVE-2019-16792

CVE-2019-16792 affects Waitress up to version 1.3.1, where sending two Content-Length headers can cause a request to be treated as having no body and the body of the request becoming a new request in HTTP pipelining. The issue is caused by header folding of a double Content-Length and an inabilit...

7.5CVSS6.9AI score0.02122EPSS
Exploits0References5Affected Software1
vulnersOsv
vulnersOsv
added 2019/12/20 11:4 p.m.3 views

chellow (>=2050.0.0 <=2230.0.0), dcicsnovault (>=2.0.0b0 <=2.0.0b11) +11 more potentially affected by CVE-2019-16792 via waitress (>=0.8.10 <=1.3.1)

waitress PYPI version =0.8.10, =2050.0.0, =2.0.0b0, =1.4.0, =17.4.0, =1.1.0.dev20170908, =1.3.7, =0.9.1, =1.0.3, =1.0.4 Source cves: CVE-2019-16792 Source advisory: OSV:GHSA-4PPP-GPCR-7QF6...

7.5CVSS6.7AI score0.02122EPSS
Exploits0
Rows per page
Query Builder