CWE-444
AllowedInconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Abstraction: Base · Status: Incomplete
The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.
550 vulnerabilities reference this CWE, most recent first.
CVE-2024-23452 (GCVE-0-2024-23452)
Vulnerability from cvelistv5 – Published: 2024-02-08 09:00 – Updated: 2025-06-04 15:07- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache bRPC |
Affected:
0.9.5 , < 1.8.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23452",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-08T17:08:43.851987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T15:07:20.721Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:06:24.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"release-notes",
"x_transferred"
],
"url": "https://github.com/apache/brpc/releases/tag/1.8.0"
},
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/apache/brpc/pull/2518"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/kkvdpwyr2s2yt9qvvxfdzon012898vxd"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/02/08/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache bRPC",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "1.8.0",
"status": "affected",
"version": "0.9.5",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Pingtao Wei of 2012 Laboratories"
},
{
"lang": "en",
"type": "finder",
"value": "Ziyang Chen of 2012 Laboratories"
},
{
"lang": "en",
"type": "finder",
"value": "Haoran Zhi of 2012 Laboratories"
},
{
"lang": "en",
"type": "finder",
"value": "Hongpei Li of 2012 Laboratories"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.5~1.7.0 on all platforms allows attacker to smuggle request.\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eVulnerability Cause Description\uff1a\u003c/b\u003e\u003cu\u003e\u003c/u\u003e\u003cu\u003e\u003c/u\u003e\u003c/p\u003e\u003cp\u003eThe http_parser does not comply with the RFC-7230 HTTP 1.1 specification.\u003c/p\u003e\u003cbr\u003e\u003cb\u003eAttack\u0026nbsp;scenario:\u003cbr\u003e\u003c/b\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf a message is received with both a Transfer-Encoding and a Content-Length header field, such a message might indicate an attempt to perform request smuggling or response splitting.\u003c/span\u003e\u003cbr\u003e\u003cp\u003eOne particular attack scenario is that a bRPC made http server on the backend receiving requests in one persistent connection from frontend server that uses TE to parse request with the logic that \u0027chunk\u0027 is contained in the TE field. in that case an attacker can smuggle a request into the connection to the backend server.\u0026nbsp;\u003cbr\u003e\u003c/p\u003e\u003cbr\u003e\u003cb\u003eSolution:\u003cbr\u003e\u003c/b\u003eYou can choose one solution from below:\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e1. Upgrade bRPC to version 1.8.0, which fixes this issue. Download link: \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/apache/brpc/releases/tag/1.8.0\"\u003ehttps://github.com/apache/brpc/releases/tag/1.8.0\u003cbr\u003e\u003c/a\u003e2. Apply this patch:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/apache/brpc/pull/2518\"\u003ehttps://github.com/apache/brpc/pull/2518\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.5~1.7.0 on all platforms allows attacker to smuggle request.\n\nVulnerability Cause Description\uff1a\n\nThe http_parser does not comply with the RFC-7230 HTTP 1.1 specification.\n\nAttack\u00a0scenario:\nIf a message is received with both a Transfer-Encoding and a Content-Length header field, such a message might indicate an attempt to perform request smuggling or response splitting.\nOne particular attack scenario is that a bRPC made http server on the backend receiving requests in one persistent connection from frontend server that uses TE to parse request with the logic that \u0027chunk\u0027 is contained in the TE field. in that case an attacker can smuggle a request into the connection to the backend server.\u00a0\n\nSolution:\nYou can choose one solution from below:\n1. Upgrade bRPC to version 1.8.0, which fixes this issue. Download link: https://github.com/apache/brpc/releases/tag/1.8.0\n 2. Apply this patch:\u00a0 https://github.com/apache/brpc/pull/2518"
}
],
"metrics": [
{
"other": {
"content": {
"text": "moderate"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-08T09:00:08.888Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"release-notes"
],
"url": "https://github.com/apache/brpc/releases/tag/1.8.0"
},
{
"tags": [
"patch"
],
"url": "https://github.com/apache/brpc/pull/2518"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/kkvdpwyr2s2yt9qvvxfdzon012898vxd"
},
{
"url": "http://www.openwall.com/lists/oss-security/2024/02/08/1"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache bRPC: HTTP request smuggling vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2024-23452",
"datePublished": "2024-02-08T09:00:04.809Z",
"dateReserved": "2024-01-17T02:54:25.488Z",
"dateUpdated": "2025-06-04T15:07:20.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23316 (GCVE-0-2024-23316)
Vulnerability from cvelistv5 – Published: 2024-05-31 19:08 – Updated: 2024-08-01 22:59- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| Vendor | Product | Version | |
|---|---|---|---|
| Ping Identity | PingAccess |
Affected:
0 , < 8.0.1
(custom)
|
|
| pingidentity | pingaccess |
Affected:
0 , < 8.0.1
(custom)
cpe:2.3:a:pingidentity:pingaccess:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:pingidentity:pingaccess:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pingaccess",
"vendor": "pingidentity",
"versions": [
{
"lessThan": "8.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-03T15:21:45.806966Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-05T18:41:55.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:32.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.pingidentity.com/s/article/SECADV045-PA-HTTP-Smuggling"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.pingidentity.com/r/en-us/pingaccess-80/pa_801_rn"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.pingidentity.com/en/resources/downloads/pingaccess.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "PingAccess",
"vendor": "Ping Identity",
"versions": [
{
"lessThan": "8.0.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected allows an attacker to send specially crafted http header requests to create a request smuggling condition for proxied requests."
}
],
"value": "HTTP request desynchronization in Ping Identity PingAccess, all versions prior to 8.0.1 affected allows an attacker to send specially crafted http header requests to create a request smuggling condition for proxied requests."
}
],
"impacts": [
{
"capecId": "CAPEC-33",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-33 HTTP Request Smuggling"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "PRESENT",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/S:P/AU:Y/R:A/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-31T19:08:35.381Z",
"orgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"shortName": "Ping Identity"
},
"references": [
{
"url": "https://support.pingidentity.com/s/article/SECADV045-PA-HTTP-Smuggling"
},
{
"url": "https://docs.pingidentity.com/r/en-us/pingaccess-80/pa_801_rn"
},
{
"url": "https://www.pingidentity.com/en/resources/downloads/pingaccess.html"
}
],
"source": {
"advisory": "SECADV045",
"defect": [
"PA-15610"
],
"discovery": "EXTERNAL"
},
"title": "PingAccess HTTP Request Desynchronization Weakness",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "5998a2e9-ae88-42cd-b6e0-7564fd979f9e",
"assignerShortName": "Ping Identity",
"cveId": "CVE-2024-23316",
"datePublished": "2024-05-31T19:08:35.381Z",
"dateReserved": "2024-01-17T17:27:24.608Z",
"dateUpdated": "2024-08-01T22:59:32.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22279 (GCVE-0-2024-22279)
Vulnerability from cvelistv5 – Published: 2024-06-10 19:47 – Updated: 2024-08-01 22:43- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| Vendor | Product | Version | |
|---|---|---|---|
| Cloud Foundry | Routing Release |
Affected:
v0.273.0 , ≤ v0.297.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22279",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-11T17:23:05.965897Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-11T17:23:34.311Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cloudfoundry.org/blog/cve-2024-22279-gorouter-denial-of-service-attack/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Routing Release",
"vendor": "Cloud Foundry",
"versions": [
{
"lessThanOrEqual": "v0.297.0",
"status": "affected",
"version": "v0.273.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-06-05T08:01:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper handling of requests in Routing Release \u0026gt; v0.273.0 and \u0026lt;= v0.297.0 allows an unauthenticated attacker to degrade\n the service availability of the Cloud Foundry deployment if performed at scale.\u003cbr\u003e"
}
],
"value": "Improper handling of requests in Routing Release \u003e v0.273.0 and \u003c= v0.297.0 allows an unauthenticated attacker to degrade\n the service availability of the Cloud Foundry deployment if performed at scale."
}
],
"impacts": [
{
"capecId": "CAPEC-469",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-469 HTTP DoS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T19:49:06.691Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://www.cloudfoundry.org/blog/cve-2024-22279-gorouter-denial-of-service-attack/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "GoRouter Denial of Service Attack",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2024-22279",
"datePublished": "2024-06-10T19:47:43.939Z",
"dateReserved": "2024-01-08T18:43:18.959Z",
"dateUpdated": "2024-08-01T22:43:34.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21647 (GCVE-0-2024-21647)
Vulnerability from cvelistv5 – Published: 2024-01-08 13:45 – Updated: 2025-11-03 21:53- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://github.com/puma/puma/security/advisories/… | x_refsource_CONFIRM |
| https://github.com/puma/puma/commit/5fc43d73b6ff1… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2024… |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:53:27.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/puma/puma/security/advisories/GHSA-c2f4-cvqm-65w2",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/puma/puma/security/advisories/GHSA-c2f4-cvqm-65w2"
},
{
"name": "https://github.com/puma/puma/commit/5fc43d73b6ff193325e657a24ed76dec79133e93",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/puma/puma/commit/5fc43d73b6ff193325e657a24ed76dec79133e93"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00004.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21647",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:56:45.519791Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:37:47.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "puma",
"vendor": "puma",
"versions": [
{
"status": "affected",
"version": "\u003c 5.6.8"
},
{
"status": "affected",
"version": "\u003e= 6.0.0, \u003c 6.4.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an attacker could cause unbounded resource (CPU, network bandwidth) consumption. This vulnerability has been fixed in versions 6.4.2 and 5.6.8.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T13:45:27.510Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/puma/puma/security/advisories/GHSA-c2f4-cvqm-65w2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/puma/puma/security/advisories/GHSA-c2f4-cvqm-65w2"
},
{
"name": "https://github.com/puma/puma/commit/5fc43d73b6ff193325e657a24ed76dec79133e93",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/puma/puma/commit/5fc43d73b6ff193325e657a24ed76dec79133e93"
}
],
"source": {
"advisory": "GHSA-c2f4-cvqm-65w2",
"discovery": "UNKNOWN"
},
"title": "HTTP Request/Response Smuggling in puma"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-21647",
"datePublished": "2024-01-08T13:45:27.510Z",
"dateReserved": "2023-12-29T16:10:20.366Z",
"dateUpdated": "2025-11-03T21:53:27.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-12397 (GCVE-0-2024-12397)
Vulnerability from cvelistv5 – Published: 2024-12-12 09:05 – Updated: 2026-01-28 15:45- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2025:0900 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2025:3018 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2025:8761 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-12397 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2331298 | issue-trackingx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 5.3.4
(semver)
|
|||
| Red Hat | Cryostat 4 on RHEL 9 |
Unaffected:
0.5.0-6 , < *
(rpm)
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | Cryostat 4 on RHEL 9 |
Unaffected:
4.0.0-7 , < *
(rpm)
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | HawtIO HawtIO 4.2.0 |
cpe:/a:redhat:apache_camel_hawtio:4.2::el6 |
|
| Red Hat | Red Hat build of Quarkus 3.15.3 |
cpe:/a:redhat:quarkus:3.15::el8 |
|
| Red Hat | Cryostat 3 |
cpe:/a:redhat:cryostat:3 |
|
| Red Hat | Red Hat build of Apache Camel 4 for Quarkus 3 |
cpe:/a:redhat:camel_quarkus:3 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat Build of Keycloak |
cpe:/a:redhat:build_keycloak: |
|
| Red Hat | Red Hat build of OptaPlanner 8 |
cpe:/a:redhat:optaplanner:::el6 |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat Integration Camel K 1 |
cpe:/a:redhat:integration:1 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
|
| Red Hat | Red Hat Process Automation 7 |
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 |
|
| Red Hat | streams for Apache Kafka |
cpe:/a:redhat:amq_streams:1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12397",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-12T15:31:47.316503Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-12T15:45:08.143Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/quarkusio/quarkus-http",
"defaultStatus": "unaffected",
"packageName": "quarkus-http",
"versions": [
{
"lessThan": "5.3.4",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-agent-init-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0.5.0-6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-db-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-grafana-dashboard-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-openshift-console-plugin-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-operator-bundle",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-ose-oauth-proxy-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-reports-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-rhel9-operator",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/cryostat-storage-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"packageName": "cryostat/jfr-datasource-rhel9",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "4.0.0-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4.2::el6"
],
"defaultStatus": "unaffected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "HawtIO HawtIO 4.2.0",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:quarkus:3.15::el8"
],
"defaultStatus": "unaffected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat build of Quarkus 3.15.3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:cryostat:3"
],
"defaultStatus": "affected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Cryostat 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "affected",
"packageName": "com.redhat.quarkus.platform/quarkus-camel-bom",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "affected",
"packageName": "com.redhat.quarkus.platform/quarkus-cxf-bom",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "affected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:optaplanner:::el6"
],
"defaultStatus": "affected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat build of OptaPlanner 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "unknown",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:integration:1"
],
"defaultStatus": "affected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat Integration Camel K 1",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "affected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:amq_streams:1"
],
"defaultStatus": "affected",
"packageName": "io.quarkus.http/quarkus-http-core",
"product": "streams for Apache Kafka",
"vendor": "Red Hat"
}
],
"datePublic": "2024-12-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Quarkus-HTTP, which incorrectly parses cookies with\ncertain value-delimiting characters in incoming requests. This issue could\nallow an attacker to construct a cookie value to exfiltrate HttpOnly cookie\nvalues or spoof arbitrary additional cookie values, leading to unauthorized\ndata access or modification. The main threat from this flaw impacts data\nconfidentiality and integrity."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T15:45:38.773Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:0900",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:0900"
},
{
"name": "RHSA-2025:3018",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:3018"
},
{
"name": "RHSA-2025:8761",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:8761"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-12397"
},
{
"name": "RHBZ#2331298",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331298"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-12-10T01:15:33.380Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-12-10T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Io.quarkus.http/quarkus-http-core: quarkus http cookie smuggling",
"workarounds": [
{
"lang": "en",
"value": "Currently, no mitigation is available for this vulnerability."
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-12397",
"datePublished": "2024-12-12T09:05:28.451Z",
"dateReserved": "2024-12-10T01:22:12.303Z",
"dateUpdated": "2026-01-28T15:45:38.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-10264 (GCVE-0-2024-10264)
Vulnerability from cvelistv5 – Published: 2025-03-20 10:10 – Updated: 2025-03-20 18:31- CWE-444 - Inconsistent Interpretation of HTTP Requests
| Vendor | Product | Version | |
|---|---|---|---|
| netease-youdao | netease-youdao/qanything |
Affected:
unspecified , ≤ latest
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-10264",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T17:52:27.313679Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:31:45.800Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "netease-youdao/qanything",
"vendor": "netease-youdao",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "HTTP Request Smuggling vulnerability in netease-youdao/qanything version 1.4.1 allows attackers to exploit inconsistencies in the interpretation of HTTP requests between a proxy and a server. This can lead to unauthorized access, bypassing security controls, session hijacking, data leakage, and potentially arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T10:10:04.256Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/988247d5-fd60-4d85-845a-e867d62c0d02"
}
],
"source": {
"advisory": "988247d5-fd60-4d85-845a-e867d62c0d02",
"discovery": "EXTERNAL"
},
"title": "HTTP Request Smuggling in netease-youdao/qanything"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-10264",
"datePublished": "2025-03-20T10:10:04.256Z",
"dateReserved": "2024-10-22T20:51:59.708Z",
"dateUpdated": "2025-03-20T18:31:45.800Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9666 (GCVE-0-2024-9666)
Vulnerability from cvelistv5 – Published: 2024-11-25 07:29 – Updated: 2025-12-22 06:09- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:10175 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:10176 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:10177 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:10178 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-9666 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2317440 | issue-trackingx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 24.0.9
(semver)
Affected: 25.0.0 , < 26.0.6 (semver) |
|||
| Red Hat | Red Hat build of Keycloak 24 |
Unaffected:
24.0.9-1 , < *
(rpm)
cpe:/a:redhat:build_keycloak:24::el9 |
|
| Red Hat | Red Hat build of Keycloak 24 |
Unaffected:
24-18 , < *
(rpm)
cpe:/a:redhat:build_keycloak:24::el9 |
|
| Red Hat | Red Hat build of Keycloak 24.0.9 |
cpe:/a:redhat:build_keycloak:24 |
|
| Red Hat | Red Hat build of Keycloak 26.0 |
Unaffected:
26.0.6-2 , < *
(rpm)
cpe:/a:redhat:build_keycloak:26.0::el9 |
|
| Red Hat | Red Hat build of Keycloak 26.0 |
Unaffected:
26.0-5 , < *
(rpm)
cpe:/a:redhat:build_keycloak:26.0::el9 |
|
| Red Hat | Red Hat build of Keycloak 26.0 |
Unaffected:
26.0-6 , < *
(rpm)
cpe:/a:redhat:build_keycloak:26.0::el9 |
|
| Red Hat | Red Hat build of Keycloak 26.0.6 |
cpe:/a:redhat:build_keycloak:26 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9666",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T17:14:55.721958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T17:15:56.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/keycloak/keycloak",
"defaultStatus": "unaffected",
"packageName": "keycloak",
"versions": [
{
"lessThan": "24.0.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "26.0.6",
"status": "affected",
"version": "25.0.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:24::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-operator-bundle",
"product": "Red Hat build of Keycloak 24",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "24.0.9-1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:24::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-rhel9",
"product": "Red Hat build of Keycloak 24",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "24-18",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:24::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-rhel9-operator",
"product": "Red Hat build of Keycloak 24",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "24-18",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:build_keycloak:24"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak/keycloak-quarkus-server",
"product": "Red Hat build of Keycloak 24.0.9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26.0::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-operator-bundle",
"product": "Red Hat build of Keycloak 26.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "26.0.6-2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26.0::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-rhel9",
"product": "Red Hat build of Keycloak 26.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "26.0-5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26.0::el9"
],
"defaultStatus": "affected",
"packageName": "rhbk/keycloak-rhel9-operator",
"product": "Red Hat build of Keycloak 26.0",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "26.0-6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:build_keycloak:26"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak/keycloak-quarkus-server",
"product": "Red Hat build of Keycloak 26.0.6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"packageName": "org.keycloak/keycloak-quarkus-server",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
}
],
"datePublic": "2024-11-21T16:45:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the Keycloak Server. The Keycloak Server is vulnerable to a denial of service (DoS) attack due to improper handling of proxy headers. When Keycloak is configured to accept incoming proxy headers, it may accept non-IP values, such as obfuscated identifiers, without proper validation. This issue can lead to costly DNS resolution operations, which an attacker could exploit to tie up IO threads and potentially cause a denial of service.\nThe attacker must have access to send requests to a Keycloak instance that is configured to accept proxy headers, specifically when reverse proxies do not overwrite incoming headers, and Keycloak is configured to trust these headers."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-22T06:09:19.514Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:10175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:10175"
},
{
"name": "RHSA-2024:10176",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:10176"
},
{
"name": "RHSA-2024:10177",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:10177"
},
{
"name": "RHSA-2024:10178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:10178"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-9666"
},
{
"name": "RHBZ#2317440",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317440"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-08T22:25:08.077Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-11-21T16:45:00.000Z",
"value": "Made public."
}
],
"title": "Org.keycloak/keycloak-quarkus-server: keycloak proxy header handling denial-of-service (dos) vulnerability",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-9666",
"datePublished": "2024-11-25T07:29:52.073Z",
"dateReserved": "2024-10-08T22:36:23.598Z",
"dateUpdated": "2025-12-22T06:09:19.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9622 (GCVE-0-2024-9622)
Vulnerability from cvelistv5 – Published: 2024-10-08 16:26 – Updated: 2025-11-21 07:28- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2024-9622 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2317179 | issue-trackingx_refsource_REDHAT |
| https://github.com/orgs/resteasy/discussions/4351 | |
| https://github.com/resteasy/resteasy |
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0 , < 6.2.10
(semver)
|
|||
| Red Hat | Red Hat JBoss Data Grid 7 |
cpe:/a:redhat:jboss_data_grid:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 7 |
cpe:/a:redhat:jboss_enterprise_application_platform:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9622",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T17:40:56.948566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T17:41:44.141Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/resteasy/resteasy",
"defaultStatus": "unaffected",
"packageName": "resteasy-netty4",
"versions": [
{
"lessThan": "6.2.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:7"
],
"defaultStatus": "unknown",
"packageName": "org.jboss.resteasy/resteasy-netty4",
"product": "Red Hat JBoss Data Grid 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_data_grid:7"
],
"defaultStatus": "unknown",
"packageName": "org.jboss.resteasy/resteasy-netty4-cdi",
"product": "Red Hat JBoss Data Grid 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "unaffected",
"packageName": "org.jboss.resteasy/resteasy-netty4",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "unaffected",
"packageName": "org.jboss.resteasy/resteasy-netty4-cdi",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"packageName": "org.jboss.resteasy/resteasy-netty4",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8"
],
"defaultStatus": "unaffected",
"packageName": "org.jboss.resteasy/resteasy-netty4-cdi",
"product": "Red Hat JBoss Enterprise Application Platform 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "org.jboss.resteasy/resteasy-netty4",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"packageName": "org.jboss.resteasy/resteasy-netty4-cdi",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
}
],
"datePublic": "2024-10-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the resteasy-netty4 library arising from improper handling of HTTP requests using smuggling techniques. When an HTTP smuggling request with an ASCII control character is sent, it causes the Netty HttpObjectDecoder to transition into a BAD_MESSAGE state. As a result, any subsequent legitimate requests on the same connection are ignored, leading to client timeouts, which may impact systems using load balancers and expose them to risk."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Low"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-21T07:28:36.663Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-9622"
},
{
"name": "RHBZ#2317179",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317179"
},
{
"url": "https://github.com/orgs/resteasy/discussions/4351"
},
{
"url": "https://github.com/resteasy/resteasy"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-08T08:00:08.552Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-10-08T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Resteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty4",
"x_redhatCweChain": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-9622",
"datePublished": "2024-10-08T16:26:13.413Z",
"dateReserved": "2024-10-08T08:48:41.620Z",
"dateUpdated": "2025-11-21T07:28:36.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-8912 (GCVE-0-2024-8912)
Vulnerability from cvelistv5 – Published: 2024-10-11 18:22 – Updated: 2024-10-11 18:32- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| Vendor | Product | Version | |
|---|---|---|---|
| Looker |
Affected:
23.12.0 , < 23.12.123
(custom)
Affected: 23.18.0 , < 23.18.117 (custom) Affected: 24.0.0 , < 24.0.92 (custom) Affected: 24.6.0 , < 24.6.77 (custom) Affected: 24.8.0 , < 24.8.66 (custom) Affected: 24.10.0 , < 24.10.78 (custom) Affected: 24.12.0 , < 24.12.56 (custom) Affected: 24.14.0 , < 24.14.37 (custom) |
||
| Looker |
Affected:
23.6 , ≤ 24.14
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-11T18:32:06.265105Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T18:32:20.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Customer-hosted instances"
],
"product": "Looker",
"vendor": "Google",
"versions": [
{
"lessThan": "23.12.123",
"status": "affected",
"version": "23.12.0",
"versionType": "custom"
},
{
"lessThan": "23.18.117",
"status": "affected",
"version": "23.18.0",
"versionType": "custom"
},
{
"lessThan": "24.0.92",
"status": "affected",
"version": "24.0.0",
"versionType": "custom"
},
{
"lessThan": "24.6.77",
"status": "affected",
"version": "24.6.0",
"versionType": "custom"
},
{
"lessThan": "24.8.66",
"status": "affected",
"version": "24.8.0",
"versionType": "custom"
},
{
"lessThan": "24.10.78",
"status": "affected",
"version": "24.10.0",
"versionType": "custom"
},
{
"lessThan": "24.12.56",
"status": "affected",
"version": "24.12.0",
"versionType": "custom"
},
{
"lessThan": "24.14.37",
"status": "affected",
"version": "24.14.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Google Cloud core instances"
],
"product": "Looker",
"vendor": "Google",
"versions": [
{
"lessThanOrEqual": "24.14",
"status": "affected",
"version": "23.6",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn HTTP Request Smuggling vulnerability in Looker allowed an unauthorized attacker to capture HTTP responses destined for legitimate users.\u003c/p\u003e\u003cp\u003eThere are two Looker versions that are hosted by Looker:\u003c/p\u003e\u003cul\u003e\u003cli\u003eLooker (Google Cloud core) was found to be vulnerable. This issue has already been mitigated and our investigation has found no signs of exploitation.\u003c/li\u003e\u003cli\u003eLooker (original) was not vulnerable to this issue.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eCustomer-hosted Looker instances were found to be vulnerable and must be upgraded.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgba(255, 255, 255, 0.95);\"\u003eThis vulnerability has been patched in all supported versions of customer-hosted Looker, which are available on the \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://download.looker.com/\"\u003eLooker download page\u003c/a\u003e\u003cspan style=\"background-color: rgba(255, 255, 255, 0.95);\"\u003e.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003eFor Looker customer-hosted instances, please update to the latest supported version of Looker as soon as possible. The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page:\u003c/p\u003e\u003cul\u003e\u003cli\u003e23.12 -\u0026gt; 23.12.123+\u003c/li\u003e\u003cli\u003e23.18 -\u0026gt; 23.18.117+\u003c/li\u003e\u003cli\u003e24.0 -\u0026gt; 24.0.92+\u003c/li\u003e\u003cli\u003e24.6 -\u0026gt; 24.6.77+\u003c/li\u003e\u003cli\u003e24.8 -\u0026gt; 24.8.66+\u003c/li\u003e\u003cli\u003e24.10 -\u0026gt; 24.10.78+\u003c/li\u003e\u003cli\u003e24.12 -\u0026gt; 24.12.56+\u003c/li\u003e\u003cli\u003e24.14 -\u0026gt; 24.14.37+\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "An HTTP Request Smuggling vulnerability in Looker allowed an unauthorized attacker to capture HTTP responses destined for legitimate users.\n\nThere are two Looker versions that are hosted by Looker:\n\n * Looker (Google Cloud core) was found to be vulnerable. This issue has already been mitigated and our investigation has found no signs of exploitation.\n * Looker (original) was not vulnerable to this issue.\n\n\nCustomer-hosted Looker instances were found to be vulnerable and must be upgraded.\n\nThis vulnerability has been patched in all supported versions of customer-hosted Looker, which are available on the Looker download page https://download.looker.com/ .\n\nFor Looker customer-hosted instances, please update to the latest supported version of Looker as soon as possible. The versions below have all been updated to protect from this vulnerability. You can download these versions at the Looker download page:\n\n * 23.12 -\u003e 23.12.123+\n * 23.18 -\u003e 23.18.117+\n * 24.0 -\u003e 24.0.92+\n * 24.6 -\u003e 24.6.77+\n * 24.8 -\u003e 24.8.66+\n * 24.10 -\u003e 24.10.78+\n * 24.12 -\u003e 24.12.56+\n * 24.14 -\u003e 24.14.37+"
}
],
"impacts": [
{
"capecId": "CAPEC-33",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-33 HTTP Request Smuggling"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T18:22:50.565Z",
"orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"shortName": "Google"
},
"references": [
{
"url": "https://cloud.google.com/looker/docs/best-practices/security-bulletin-09-16-24"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HTTP Request Smuggling in Looker",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
"assignerShortName": "Google",
"cveId": "CVE-2024-8912",
"datePublished": "2024-10-11T18:22:50.565Z",
"dateReserved": "2024-09-16T21:00:02.515Z",
"dateUpdated": "2024-10-11T18:32:20.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6827 (GCVE-0-2024-6827)
Vulnerability from cvelistv5 – Published: 2025-03-20 10:09 – Updated: 2025-10-15 12:50- CWE-444 - Inconsistent Interpretation of HTTP Requests
| Vendor | Product | Version | |
|---|---|---|---|
| benoitc | benoitc/gunicorn |
Affected:
unspecified , ≤ latest
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6827",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T17:52:37.458445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:32:51.799Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "benoitc/gunicorn",
"vendor": "benoitc",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Gunicorn version 21.2.0 does not properly validate the value of the \u0027Transfer-Encoding\u0027 header as specified in the RFC standards, which leads to the default fallback method of \u0027Content-Length,\u0027 making it vulnerable to TE.CL request smuggling. This vulnerability can lead to cache poisoning, data exposure, session manipulation, SSRF, XSS, DoS, data integrity compromise, security bypass, information leakage, and business logic abuse."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T12:50:33.638Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/1b4f8f38-39da-44b6-9f98-f618639d0dd7"
}
],
"source": {
"advisory": "1b4f8f38-39da-44b6-9f98-f618639d0dd7",
"discovery": "EXTERNAL"
},
"title": "HTTP Request Smuggling in benoitc/gunicorn"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-6827",
"datePublished": "2025-03-20T10:09:55.725Z",
"dateReserved": "2024-07-16T23:32:47.872Z",
"dateUpdated": "2025-10-15T12:50:33.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Use a web server that employs a strict HTTP parsing procedure, such as Apache [REF-433].
Mitigation
Use only SSL communication.
Mitigation
Terminate the client session after each request.
Mitigation
Turn all pages to non-cacheable.
CAPEC-273: HTTP Response Smuggling
An adversary manipulates and injects malicious content in the form of secret unauthorized HTTP responses, into a single HTTP response from a vulnerable or compromised back-end HTTP agent (e.g., server).
See CanPrecede relationships for possible consequences.
CAPEC-33: HTTP Request Smuggling
An adversary abuses the flexibility and discrepancies in the parsing and interpretation of HTTP Request messages using various HTTP headers, request-line and body parameters as well as message sizes (denoted by the end of message signaled by a given HTTP header) by different intermediary HTTP agents (e.g., load balancer, reverse proxy, web caching proxies, application firewalls, etc.) to secretly send unauthorized and malicious HTTP requests to a back-end HTTP agent (e.g., web server).
See CanPrecede relationships for possible consequences.