Node.js 环境问题漏洞

Node.js is an open source, cross-platform JavaScript runtime environment. An environmental issue vulnerability exists in Node.js that stems from the llhttp parser in the Node.js http module not properly parsing and validating the Transfer-Encoding header, which could result in HTTP Request...

PT-2022-21155 · Node.Js +8 · Node.Js +8

Name of the Vulnerable Software and Affected Versions: Node.js versions prior to 14.20.1 Node.js versions prior to 16.17.1 Node.js versions prior to 18.9.1 Description: The issue arises from the llhttp parser in the http module of Node.js not correctly handling multi-line Transfer-Encoding header...

tomcat: HTTP request smuggling when used with a reverse proxy

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer...

GHSA-GWFG-CQMG-CF8F WEBRick vulnerable to HTTP Request/Response Smuggling

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...

GHSA-63H2-9CC8-FC7M meinheld vulnerable to HTTP Request Smuggling

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing...

CVE-2020-7238

A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling. Mitigation Use HTTP/2 instead clear boundaries between requests Disable reuse of backend connections eg. http-reuse never in HAProxy or whatever equivalent LB settings...

Apache Tomcat does not properly handle an invalid Transfer-Encoding header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service application outage or obtain sensitive information via a crafted header that interferes with "recycling...

GHSA-CXG2-49RQ-8GCR Apache Tomcat does not properly handle an invalid Transfer-Encoding header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service application outage or obtain sensitive information via a crafted header that interferes with "recycling...

SAP Web Dispatcher HTTP Request Smuggling

Onapsis Security Advisory 2022-0001: HTTP Request Smuggling in SAP Web Dispatcher Impact on Business By injecting an HTTP request as a prefix into a victim's request, a malicious user is able to cause damage in different ways, such as producing a Denial of Service by setting an invalid request as...

GHSA-PQR5-9V2J-44XG Apache Tomcat DoS via Malicious Get Request

Tomcat 4.0 through 4.1.12, using modjk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service desynchronized communications via an HTTP GET request with a Transfer-Encoding chunked field with invalid values...

The vulnerability in the implementation of the Hypertext Transfer Protocol (HTTP/1.1) of the Eclipse Jetty server container allows a attacker to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the Hypertext Transfer Protocol HTTP/1.1 implementation in Eclipse Jetty servers is related to deficiencies in handling the Transfer-Encoding and Content-Length headers. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests remotely a type of HTT...

tomcat: HTTP request smuggling when used with a reverse proxy

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer...

Puma vulnerable to HTTP Request Smuggling

When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end proxy to Puma. The following...

PT-2022-7650 · Puma +11 · Puma +11

Name of the Vulnerable Software and Affected Versions: Puma versions prior to 4.3.12 Puma versions prior to 5.6.4 Description: The issue is related to the handling of HTTP requests in Puma, a server for Ruby/Rack applications. When Puma is used behind a proxy that does not properly validate...

Node.js: HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding

Summary: The llhttp parser in the http module in Node v17.8.0 does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS. Description: After 1501679, I did a bit more digging into the issue, and found that there were more flaws in the parsing of...

Node.js: HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding

Summary: The llhttp parser in the http module in Node v17.6.0 does not correctly handle multi-line Transfer-Encoding headers. This can lead to HTTP Request Smuggling HRS. Description: When Node receives the following request: http GET / HTTP/1.1 Transfer-Encoding: chunked , identity 1 a 0 it...

ruby: Potential HTTP request smuggling in WEBrick

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...

ruby: Potential HTTP request smuggling in WEBrick

An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy which also has a po...

The vulnerabilities of the Transfer-Encoding and Content-Length headers in the Netty network programming framework, related to deficiencies in HTTP request interpretation, allow attackers to compromise data integrity.

The vulnerability of the Transfer-Encoding and Content-Length headers in the Netty network programming framework is related to a lack of proper interpretation of HTTP requests. Exploiting this vulnerability allows an attacker to compromise the integrity of data...

CVE-2022-21907

HTTP Protocol Stack Remote Code Execution Vulnerability...