3 matches found
CVE-2020-7670
agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct...
CVE-2020-7670
agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct...
CVE-2020-7670
Agoo prior to 2.14.0 is affected. The issue arises from incorrect parsing of Content-Length and Transfer-Encoding headers, enabling HTTP request smuggling when Agoo is used as a backend and a frontend proxy in a chain of backends. Impact is described as possible request smuggling due to TE/CL han...