H3 Environmental Issues and Vulnerabilities

H3 is an open-source HTTP framework developed by H3. Versions prior to H3 1.15.5 contained an environmental issue vulnerability. This vulnerability stemmed from the strict case-sensitive handling of the Transfer-Encoding header, which could lead to HTTP request payload attacks...

EspoCRM 环境问题漏洞

EspoCRM is an open source web-based customer relationship management CRM system from EspoCRM Open Source. The system provides features such as sales automation, community and customer support. An environmental issue vulnerability exists in EspoCRM 9.1.6 and prior versions, which stems from a doub...

Red Hat Keycloak 环境问题漏洞

Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. An environmental issue vulnerability exists in Red Hat Keycloak that stems from susceptibility to denial of service attacks...

Loway QueueMetrics 环境问题漏洞

Loway QueueMetrics is a tool from Loway that allows you to automate the installation of a pre-configured QueueMetrics system on the most common Asterisk distributions. An environmental issue vulnerability exists in Loway QueueMetrics version 22.11.6 that stems from HTTP request/response smuggling...

Apache bRPC Environment Issue Vulnerability

Apache bRPC is the United States Apache Apache Foundation's industrial-grade RPC framework for building reliable and high-performance services. Apache bRPC suffers from an environmental issue vulnerability that stems from the presence of an HTTP server request smuggling vulnerability that can be...

Apache bRPC 环境问题漏洞

Apache bRPC is the United States Apache Apache Foundation's industrial-grade RPC framework for building reliable and high-performance services. Apache bRPC suffers from an environmental issue vulnerability that stems from the presence of an HTTP server request smuggling vulnerability that can be...

Puma 环境问题漏洞

Puma is a web server for highly concurrent applications by Evan Phoenix, an individual developer in the United States. An environmental issue vulnerability exists in Puma that stems from a security issue when parsing trailing fields and zero-length Content-Length headers in the body of the chunke...

Apache Traffic Server Environment Issue Vulnerability

Apache Traffic Server ATS is a suite of scalable HTTP proxies and caching servers from the Apache Foundation in the United States. An environmental issue vulnerability exists in Apache Software Foundation Apache Traffic Server version 9.2.1 that stems from the presence of incorrect input validati...

Envoy 环境问题漏洞

Envoy is an open source distributed proxy server. Envoy suffers from an environmental issue vulnerability that stems from the ability to bypass certain requests, which could result in requests using a mixed-case scheme being denied...

Drogon 环境问题漏洞

Drogon is an open source HTTP application framework based on C++14/17. Drogon can be used to easily build various types of web application server programs using C++. Drogon is vulnerable to an environmental issue that stems from an HTTP response splitting problem that allows an attacker to add th...

Pulse Secure Pulse Connect Secure 环境问题漏洞

Pulse Secure Pulse Connect Secure aka PCS, formerly known as Juniper Junos Pulse is an SSL VPN solution from Pulse Secure, Inc. in the United States. An environmental issue vulnerability exists in Pulse Secure Pulse Connect Secure version 9.115 and prior versions. An attacker could exploit this...

Apache HTTP Server Environment Issue Vulnerability (CNVD-2022-51061)

Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to an environmental issue that results from Apache HTTP Server's inability to close inbound connections when dropping the body of a request, leading to request smuggling. The vulnerability...

Waitress Environmental Issues Vulnerability (CNVD-2022-21483)

Waitress is a WSGI Web Server Gateway Interface server for Python. Waitress 2.1.0 and earlier versions are vulnerable to an environmental issue that stems from a software agent's inability to properly validate incoming HTTP requests for compliance, which allows smuggling through a front-end agent...

Apache Traffic Server 环境问题漏洞

An environmental issue vulnerability exists in Apache Traffic Server ATS, a set of scalable HTTP proxy and caching servers from the Apache Foundation, which stems from a failure to properly handle URL data segments. An attacker could exploit this vulnerability to affect the cache of the target...

hyper crate for Rust environment issue vulnerability

hyper crate for Rust is a Rust-based HTTP library. An environmental issue vulnerability exists in hyper crate for Rust that arises from an unreasonable environmental factor in a networked system or product...

Mozilla Rust tiny_http crate environment issue vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. An environmental issue vulnerability exists in tinyhttp crate in versions of Mozilla Rust prior to 2020-06-16, which stems from an HTTP request smuggling can occur via a misformatted transport encoding header. N...

Apache HTTP Server Environment Issue Vulnerability (CNVD-2020-46279)

Apache HTTP Server is the United States Apache Software Apache Software Foundation of an open source web server . The server is fast, reliable and can be expanded through a simple API. An environmental issue vulnerability exists in Apache HTTP Server versions 2.4.20 through 2.4.43. An attacker...

agoo environmental issues loophole

agoo is a Ruby-based HTTP server by Peter Ohler Software Developers. An environmental issue vulnerability exists in agoo 2.12.3 and earlier versions. An attacker can exploit this vulnerability by sending the Content-Length header twice to conduct an HTTP request smuggling attack...

Reel Environmental Issues Vulnerability

Reel is an open source "event-based" Web server . An environmental issue vulnerability exists in Reel 0.6.1 and earlier versions, which can be exploited to conduct HTTP request smuggling attacks because the program does not properly parse the Content-Length and Transfer Encoding headers...

Apache Traffic Server Environment Issue Vulnerability (CNVD-2020-21910)

Apache Traffic Server ATS is the United States Apache Apache Software Foundation's set of scalable HTTP proxy and caching server. An environmental issue vulnerability exists in Apache ATS versions 6.0.0 through 6.2.3, 7.0.0 through 7.1.8, and 8.0.0 through 8.0.5, which stems from incorrect input...