GHSA-W7PP-M8WF-VJ6R vulnerabilities

Vulnerabilities for packages: mitmproxy...

CVE-2023-23931 vulnerabilities

Vulnerabilities for packages: mitmproxy...

GHSA-W7PP-M8WF-VJ6R vulnerabilities

Vulnerabilities for packages: mitmproxy...

EUVD-2021-0135

Malware in sbrugna...

EUVD-2025-3147

Malicious code in bioql PyPI...

EUVD-2022-0156

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-24766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request...

Remote Code Execution (RCE)

mitmproxy is vulnerable to Remote Code Execution RCE. The vulnerability is due to mitmweb's proxy server allowing access to its internal API, allowing an attacker to perform SSRF and potentially escalate to remote code execution...

CVE-2025-23217

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...

CVE-2025-23217

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...

CVE-2021-39214

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

CVE-2022-24766

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

Security update for python-mitmproxy (moderate)

openSUSE Security Update: Security update for python-mitmproxy Announcement ID: openSUSE-SU-2023:0232-1 Rating: moderate References: 1190603 Cross-References: CVE-2021-39214 CVSS scores: CVE-2021-39214 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports...

Insufficient Protection against HTTP Request Smuggling in mitmproxy

Impact In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While...

CVE-2022-24766 Insufficient Protection against HTTP Request Smuggling in mitmproxy

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

CVE-2021-39214

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

adaptdl-cli (>=0.2.2 <=0.2.11), agentic-store-mcp (>=1.0.0 <=1.0.1) +113 more potentially affected by CVE-2021-39214 via mitmproxy (>=0.17.0 <=6.0.2)

mitmproxy PYPI version =0.17.0, =0.2.2, =1.0.0, =0.1.1, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.1.11, =1.0.5, =0.1.0, =0.2.0, =0.72.2, =0.1.9, =1.0.0, =2.0.0.post1 and more Source cves: CVE-2021-39214 Source advisory: OSV:PYSEC-2021-328...

adaptdl-cli (>=0.2.2 <=0.2.11), agentic-store-mcp (>=1.0.0 <=1.0.1) +103 more potentially affected by CVE-2018-14505 via mitmproxy (>=0.17.0 <=4.0.3)

mitmproxy PYPI version =0.17.0, =0.2.2, =1.0.0, =0.1.1, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.1.11, =1.0.5, =0.1.0, =0.2.0, =0.72.2, =0.1.9, =1.0.0, =2.0.0.post1 and more Source cves: CVE-2018-14505 Source advisory: OSV:GHSA-6M53-C78Q-7QMG...

DEBIAN-CVE-2018-14505

mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py...