Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

UbuntuCve
UbuntuCveadded 2020/01/22 7:15 p.m.34 views

CVE-2019-16792

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

7.5CVSS6.8AI score0.00851EPSS
Exploits0References3
Prion
Prionadded 2020/01/22 7:15 p.m.15 views

Design/Logic Flaw

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

5CVSS7.2AI score0.00851EPSS
Exploits0References5Affected Software3
Cvelist
Cvelistadded 2020/01/22 6:30 p.m.18 views

CVE-2019-16792 HTTP Request Smuggling: Content-Length Sent Twice in Waitress

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two...

7.1CVSS7.3AI score0.00851EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2020/01/10 2:8 p.m.53 views

CVE-2019-16789

An HTTP-interpretation flaw was found in waitress, through version 1.4.0. If a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially...

8.2CVSS1.2AI score0.01002EPSS
Exploits0References4
Prion
Prionadded 2019/12/20 11:15 p.m.21 views

Design/Logic Flaw

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

5CVSS7.1AI score0.00795EPSS
Exploits0References8Affected Software5
Cvelist
Cvelistadded 2019/12/20 11:0 p.m.20 views

CVE-2019-16785 HTTP Request Smuggling: LF vs CRLF handling in Waitress

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end serve...

7.1CVSS7.4AI score0.00795EPSS
Exploits1References8
Debian CVE
Debian CVEadded 2019/12/20 11:0 p.m.30 views

CVE-2019-16785

Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end serve...

7.5CVSS6.5AI score0.00795EPSS
Exploits1
Debian CVE
Debian CVEadded 2019/12/20 11:0 p.m.30 views

CVE-2019-16786

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with t...

7.5CVSS6.5AI score0.00795EPSS
Exploits0
Rows per page
Query Builder