Lighttpd 1.4.80 HTTP Request/Response Smuggling Vulnerability

Lighttpd is prone to an HTTP request/response smuggling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Important: Red Hat Security Advisory: squid security update

An update for squid is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

BIT-HAPROXY-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...

CVE-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...

CVE-2024-53008

Inconsistent interpretation of HTTP requests 'HTTP Request/Response Smuggling' issue exists in HAProxy. If this vulnerability is exploited, a remote attacker may access a path that is restricted by ACL Access Control List set on the product. As a result, the attacker may obtain sensitive...

JVN#88385716: HAProxy vulnerable to HTTP request/response smuggling

HAProxy HTTP/3 implementation contains an issue on accepting malformed HTTP headers. When a request including malformed HTTP headers is forwarded to a HTTP/1.1 non-compliant back-end server, it is exploited to conduct an HTTP request/response smuggling attack CWE-444. Impact A remote attacker may...

CVE-2024-42342

Loway - CWE-444: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling'...

CVE-2024-42342 Loway - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Loway - CWE-444: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling'...

CVE-2024-42342

Loway QueueMetrics is affected by an HTTP request/response smuggling vulnerability (CWE-444). The linked documents identify the issue in QueueMetrics and cite version 22.11.6 as affected, describing it as an environmental issue vulnerability. No explicit fix/version is provided across the connect...

HTTP Request/Response Smuggling

Twisted is vulnerable to HTTP Request/Response Smuggling. The vulnerability is due to the HTTP 1.0 and 1.1 server provided by twisted.web which can process pipelined HTTP requests out-of-order...

RHEL 7 : haproxy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - haproxy: data leak via fcgi requests CVE-2023-0836 - An uncontrolled resource consumption vulnerability w...

Important: squid

Issue Overview: Due to chunked decoder lenience Squid is vulnerable to Request/Response smuggling attacks when parsing HTTP/1.1 and ICAP messages. CVE-2023-46846 Affected Packages: squid Issue Correction: Run yum update squid or yum update --advisory ALAS-2024-1933 to update your system. New...

squid:4 security update

libecap squid 7:4.15-7.3 - Fix squid: DoS against HTTP and HTTPS CVE-2023-5824 7:4.15-7.1 - Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP...

squid:4 security update

An update is available for module.libecap, module.squid, squid, libecap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Squid is a high-performance proxy cachin...

RLSA-2023:7213 Critical: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 For more details about the...

squid:4 security update

libecap squid 7:4.15-7.1 - Resolves: RHEL-14801 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14776 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP...

squid security update

7:5.5-6.1 - Resolves: RHEL-14819 - squid: squid: denial of Servicein FTP - Resolves: RHEL-14807 - squid: squid: Denial of Service in HTTP Digest Authentication - Resolves: RHEL-14780 - squid: squid: Request/Response smuggling in HTTP/1.1 and ICAP 7:5.5-6 - Resolves: 2231827 - Crash with...

Critical: Red Hat Security Advisory: squid:4 security update

An update for the squid:4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2023:7213 Critical: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 For more details about the...

Critical: squid:4 security update

Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fixes: squid: Denial of Service in HTTP Digest Authentication CVE-2023-46847 squid: Request/Response smuggling in HTTP/1.1 and ICAP CVE-2023-46846 For more details about the...