Lucene search
K

35 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 4: python-gunicorn (TSSA-2024:0663)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0663 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS7.5AI score0.02996EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/03 5:37 a.m.10 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to HTTP Request Smuggling due to Gunicorn ( CVE-2024-1135 )

Summary Gunicorn is used by IBM Cloud Pak for Data. CVE-2024-1135. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicorn is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP transfer-encoding headers. By sending a specially crafted HTTPS transfer-encoding...

7.5CVSS5.7AI score0.02996EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-d80b48be94)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02996EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletins
added 2025/05/05 7:0 p.m.11 views

Security Bulletin: Vulnerability in gunicorn affects IBM Cloud Pak for Data System 1.0(CPDS 1.0)[CVE-2024-1135].

Summary The gunicorn package is used by IBM Cloud Pak for Data System 1.0. IBM Cloud Pak for Data System 1.0 has addressed the applicable CVE CVE-2024-1135. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicorn is vulnerable to HTTP request smuggling, caused by improper parsing of the...

7.5CVSS5.6AI score0.02996EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/26 6:43 p.m.15 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Gunicorn

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Gunicorn Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling HRS vulnerabilities. By crafting requests with conflicting...

7.5CVSS7.5AI score0.02996EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.5 views

openSUSE Security Advisory (SUSE-SU-2024:2881-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.02996EPSS
Exploits0References4
Palo Alto Networks
Palo Alto Networks
added 2025/02/12 5:0 p.m.13 views

Impact of CVE-2024-1135

The Palo Alto Networks Product Security Assurance team has evaluated CVE-2024-1135 as it applies to our products. The Broker VM used in following products is vulnerable to CVE-2024-1135: Cortex XDR Cortex XSIAM Work around: No workaround or mitigation is available...

7.5CVSS7AI score0.02996EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/12/23 12:0 a.m.10 views

Debian: Security Advisory (DLA-3996-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.9AI score0.02996EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/20 12:0 a.m.10 views

Debian dla-3996 : gunicorn - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3996 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3996-1 [email protected] https://www.debian.org/lts/security/...

7.5CVSS7.4AI score0.02996EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/10/10 8:31 p.m.295 views

Moderate: Red Hat Security Advisory: Satellite 6.15.4 Security Update

An update is now available for Red Hat Satellite 6.15 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

9.8CVSS6.7AI score0.02996EPSS
Exploits0References12
F5 Networks
F5 Networks
added 2024/08/23 2:16 a.m.34 views

K000140787: Gunicorn vulnerability CVE-2024-1135

Security Advisory Description Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling HRS vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This iss...

7.5CVSS7.8AI score0.02996EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/13 12:0 a.m.28 views

SUSE SLES15 / openSUSE 15 Security Update : python-gunicorn (SUSE-SU-2024:2881-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2881-1 advisory. - CVE-2024-1135: Fixed HTTP Request Smuggling due to improperly validate Transfer-Encoding headers bsc1222950 Tenable has...

7.5CVSS7.5AI score0.02996EPSS
Exploits0References4
OSV
OSV
added 2024/08/12 3:40 p.m.18 views

SUSE-SU-2024:2881-1 Security update for python-gunicorn

This update for python-gunicorn fixes the following issues: - CVE-2024-1135: Fixed HTTP Request Smuggling due to improperly validate Transfer-Encoding headers bsc1222950...

7.5CVSS7.2AI score0.02996EPSS
Exploits0References3
Debian
Debian
added 2024/06/30 10:4 p.m.14 views

[SECURITY] [DLA 3851-1] gunicorn security update

Debian LTS Advisory DLA-3851-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 30, 2024 https://wiki.debian.org/LTS Package : gunicorn Version : 19.9.0-1+deb10u1 CVE ID : CVE-2024-1135 Debian Bug : 1069126 Gunicorn, an event-based HTTP/WSGI server, fails to...

7.5CVSS7AI score0.02996EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 3:21 p.m.28 views

Security Bulletin: Vulnerability in Gunicorn affects IBM Process Mining CVE-2024-1135

Summary There is a vulnerability in Gunicorn that could allow an attacker to conduct XSS attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicor...

7.5CVSS7.5AI score0.02996EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/25 10:5 p.m.29 views

Security Bulletin: Maximo Application Suite - gunicorn-20.1.0-py3-none-any.whl is vulnerable to CVE-2024-1135 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses gunicorn-20.1.0-py3-none-any.whl which is vulnerable to CVE-2024-1135. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicorn is vulnerable to HTTP...

7.5CVSS7.3AI score0.02996EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/06/24 12:0 a.m.29 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-gunicorn) (RHSA-2024:4054)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4054 advisory. Gunicorn Green Unicorn is a Python WSGI HTTP server for UNIX. Security Fixes: HTTP Request Smuggling due to improper validation of Transfer-Encoding...

7.5CVSS7.5AI score0.02996EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/20 2:20 p.m.28 views

Security Bulletin: HTTP request smuggling vulnerability in IBM Business Automation Workflow Machine Learning Server CVE-2024-1135

Summary In addition to updates to operating system level packages, IBM Business Automation Workflow Machine Learning Server 23.0.2-IF003 addresses the following vulnerability CVE-2024-1135. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicorn is vulnerable to HTTP request smuggling,...

7.5CVSS7.2AI score0.02996EPSS
Exploits0Affected Software2
RedHat Linux
RedHat Linux
added 2024/06/12 4:3 a.m.32 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.59 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.59 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

7.5CVSS7.1AI score0.02996EPSS
Exploits0References9
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/07 6:46 a.m.30 views

Security Bulletin: IBM Maximo Application Suite uses gunicorn-21.2.0-py3-none-any.whl which is vulnerable to CVE-2024-1135.

Summary IBM Maximo Application Suite uses gunicorn-21.2.0-py3-none-any.whl which is vulnerable to CVE-2024-1135. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-1135 DESCRIPTION: Gunicorn is vulnerable to HTTP request smuggling,...

7.5CVSS7.2AI score0.02996EPSS
Exploits0Affected Software1
Rows per page
Query Builder