Lucene search
K

8 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.7 views

SUSE CVE-2022-24761

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and...

7.5CVSS7.9AI score0.01738EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2022/06/22 12:0 a.m.33 views

EulerOS 2.0 SP8 : python-waitress (EulerOS-SA-2022-1948)

According to the versions of the python-waitress package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that...

7.5CVSS7.3AI score0.01738EPSS
Exploits0References2
NVD
NVD
added 2022/03/30 10:15 p.m.21 views

CVE-2022-24790

Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. Thi...

9.1CVSS0.0214EPSS
Exploits0References8
Prion
Prion
added 2022/03/30 10:15 p.m.22 views

Design/Logic Flaw

Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. Thi...

5CVSS7.3AI score0.0214EPSS
Exploits0References8Affected Software3
Veracode
Veracode
added 2022/03/18 10:17 a.m.26 views

HTTP Request Smuggling

waitress is vulnerable to HTTP request smuggling. When using the library behind a proxy that does not properly validate the incoming HTTP requests with the RFC7230 standard, waitress and the frontend proxy contradict on where one request starts and where it ends, resulting in requests to be...

7.5CVSS1AI score0.01738EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2022/03/17 1:15 p.m.8 views

AZL-45060 CVE-2022-24761 affecting package python-waitress for versions less than 3.0.1-1

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and...

7.5CVSS7AI score0.01738EPSS
Exploits0References1
Prion
Prion
added 2022/03/17 1:15 p.m.34 views

Code injection

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and...

5CVSS7.4AI score0.01738EPSS
Exploits0References5Affected Software2
Vulnrichment
Vulnrichment
added 2022/03/17 12:40 p.m.8 views

CVE-2022-24761 HTTP Request Smuggling in waitress

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and...

7.5CVSS7.5AI score0.01738EPSS
Exploits0References5
Rows per page
Query Builder