101 matches found
FreeBSD : mitmproxy -- Insufficient Protection against HTTP Request Smuggling (ad37a349-ebb7-11ec-b9f7-21427354249d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ad37a349-ebb7-11ec-b9f7-21427354249d advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a...
Mitmproxy2Swagger - Automagically Reverse-Engineer REST APIs Via Capturing Traffic
A tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic. Installation First you will need python3 and pip3. $ pip install mitmproxy2swagger ... or ... ...
Xepor - Web Routing Framework For Reverse Engineers And Security Researchers, Brings The Best Of Mitmproxy And Flask
Xepor (pronounced /ˈzɛfə/, zephyr) is a web routing framework for reverse engineers and security researchers. It provides a Flask-like API for hackers to intercept and modify HTTP requests and/or HTTP responses in a human-friendly coding style. This project is meant to be used with mitmproxy. User wri...
GHSA-GCX2-GVJ7-PXV3 Insufficient Protection against HTTP Request Smuggling in mitmproxy
Impact In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While...
adaptdl-cli (>=0.2.2 <=0.2.11), agentic-store-mcp (>=1.0.0 <=1.0.1) +114 more potentially affected by CVE-2022-24766 via mitmproxy (>=0.17.0 <=7.0.4)
mitmproxy PYPI version =0.17.0, =0.2.2, =1.0.0, =0.1.1, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.1.11, =1.0.5, =0.1.0, =0.2.0, =0.72.2, =0.1.9, =1.0.0, =2.0.0.post1 and more Source cves: CVE-2022-24766 Source advisory: OSV:GHSA-GCX2-GVJ7-PXV3...
HTTP Request Smuggling
mitmproxy is vulnerable to HTTP request smuggling. The vulnerability exists because the header names contain whitespace characters by default, allowing an attacker to smuggle HTTP requests or responses by submitting a malicious message body...
CVE-2022-24766
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
DEBIAN-CVE-2022-24766
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
Design/Logic Flaw
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
PYSEC-2022-170
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
UBUNTU-CVE-2022-24766
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
adaptdl-cli (>=0.2.2 <=0.2.11), agentic-store-mcp (>=1.0.0 <=1.0.1) +114 more potentially affected by CVE-2022-24766 via mitmproxy (>=0.17.0 <=7.0.4)
mitmproxy PYPI version =0.17.0, =0.2.2, =1.0.0, =0.1.1, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.1.11, =1.0.5, =0.1.0, =0.2.0, =0.72.2, =0.1.9, =1.0.0, =2.0.0.post1 and more Source cves: CVE-2022-24766 Source advisory: OSV:PYSEC-2022-170...
CVE-2022-24766 Insufficient Protection against HTTP Request Smuggling in mitmproxy
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
CVE-2022-24766
Mitmproxy vulnerability CVE-2022-24766 affects mitmproxy
CVE-2022-24766
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
CVE-2022-24766 Insufficient Protection against HTTP Request Smuggling in mitmproxy
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...
mitmproxy -- Insufficient Protection against HTTP Request Smuggling
Zeyu Zhang reports: In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body...
PT-2022-16864 · Mitmproxy +1 · Mitmproxy +1
Name of the Vulnerable Software and Affected Versions: mitmproxy versions 7.0.4 and below Description: A malicious client or server can perform HTTP request smuggling attacks through mitmproxy. This means a malicious client/server could smuggle a request/response through mitmproxy as part of...
mitmproxy Environment Issue Vulnerability
mitmproxy is an interactive, SSL/TLS-enabled interceptor proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. A security vulnerability exists in mitmproxy version 7.0.4 and prior versions, which can be exploited by malicious clients or servers to perform request smuggling attacks vi...