Waitress@* Security Vulnerabilities and Issues — Waitress@* CVE List

Lucene search

AgendalessWaitress*

3 matches found

CVE•added 2019/12/20 11:15 p.m.•283 views

CVE-2019-16786

Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the...

7.5CVSS7AI score0.00516EPSS

CVE•added 2022/03/17 1:15 p.m.•151 views

CVE-2022-24761

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When using Waitress versions 2.1.0 and prior behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and wher...

7.5CVSS7.5AI score0.00204EPSS

CVE•added 2024/10/29 3:15 p.m.•72 views

CVE-2024-49769

Waitress is a Web Server Gateway Interface server for Python 2 and 3. When a remote client closes the connection before waitress has had the opportunity to call getpeername() waitress won't correctly clean up the connection leading to the main thread attempting to write to a socket that no longer e...

7.5CVSS7.5AI score0.00369EPSS