openSUSE 15 Security Update : python-mitmproxy (openSUSE-SU-2023:0233-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0233-1 advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP...

openSUSE 15 Security Update : python-mitmproxy (openSUSE-SU-2023:0232-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0232-1 advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP...

OPENSUSE-SU-2023:0233-1 Security update for python-mitmproxy

This update for python-mitmproxy fixes the following issues: - CVE-2021-39214: Fixed HTTP smuggling attacks boo1190603...

OPENSUSE-SU-2023:0232-1 Security update for python-mitmproxy

This update for python-mitmproxy fixes the following issues: - CVE-2021-39214: Fixed HTTP smuggling attacks boo1190603...

Security update for python-mitmproxy (moderate)

openSUSE Security Update: Security update for python-mitmproxy Announcement ID: openSUSE-SU-2023:0232-1 Rating: moderate References: 1190603 Cross-References: CVE-2021-39214 CVSS scores: CVE-2021-39214 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports...

Security update for python-mitmproxy (moderate)

openSUSE Security Update: Security update for python-mitmproxy Announcement ID: openSUSE-SU-2023:0233-1 Rating: moderate References: 1190603 Cross-References: CVE-2021-39214 CVSS scores: CVE-2021-39214 NVD : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports...

SUSE CVE-2018-14505

mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py...

SUSE CVE-2021-39214

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

SUSE CVE-2022-24766

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

FreeBSD : mitmproxy -- Insufficient Protection against HTTP Request Smuggling (ad37a349-ebb7-11ec-b9f7-21427354249d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ad37a349-ebb7-11ec-b9f7-21427354249d advisory. - mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a...

Mitmproxy2Swagger - Automagically Reverse-Engineer REST APIs Via Capturing Traffic

A tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic. Installation First you will need python3 and pip3. $ pip install mitmproxy2swagger ... or ... ...

Xepor - Web Routing Framework For Reverse Engineers And Security Researchers, Brings The Best Of Mitmproxy And Flask

Xepor pronounced /ˈzɛfə/ , zephyr, a web routing framework for reverse engineers and security researchers. It provides a Flask-like API for hackers to intercept and modify HTTP request and/or HTTP response in a human-friendly coding style. This project is meant to be used with mitmproxy. User wri...

Insufficient Protection against HTTP Request Smuggling in mitmproxy

Impact In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While...

GHSA-GCX2-GVJ7-PXV3 Insufficient Protection against HTTP Request Smuggling in mitmproxy

Impact In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While...

adaptdl-cli (>=0.2.2 <=0.2.11), agent-vault-proxy (=0.4.0) +124 more potentially affected by CVE-2022-24766 via mitmproxy (>=10.1.5 <=7.0.4)

mitmproxy PYPI version =10.1.5, =0.2.2, =1.0.0, =0.1.1, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.11, =1.0.5, =0.1.0, =0.2.0, =0.72.2, =0.75.43 and more Source cves: CVE-2022-24766 Source advisory: OSV:GHSA-GCX2-GVJ7-PXV3...

HTTP Request Smuggling

mitmproxy is vulnerable to HTTP request smuggling. The vulnerability exists because the header names contain whitespace characters by default, allowing an attacker to smuggle HTTP requests or responses by submitting a malicious message body...

DEBIAN-CVE-2022-24766

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

CVE-2022-24766

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...

adaptdl-cli (>=0.2.2 <=0.2.11), agent-vault-proxy (=0.4.0) +124 more potentially affected by CVE-2022-24766 via mitmproxy (>=10.1.5 <=7.0.4)

mitmproxy PYPI version =10.1.5, =0.2.2, =1.0.0, =0.1.1, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.11, =1.0.5, =0.1.0, =0.2.0, =0.72.2, =0.75.43 and more Source cves: CVE-2022-24766 Source advisory: OSV:PYSEC-2022-170...

PYSEC-2022-170

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of...