CWE-444
AllowedInconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Abstraction: Base · Status: Incomplete
The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.
550 vulnerabilities reference this CWE, most recent first.
CVE-2024-1135 (GCVE-0-2024-1135)
Vulnerability from cvelistv5 – Published: 2024-04-16 00:00 – Updated: 2025-02-13 17:27- CWE-444 - Inconsistent Interpretation of HTTP Requests
| Vendor | Product | Version | |
|---|---|---|---|
| benoitc | benoitc/gunicorn |
Affected:
unspecified , ≤ latest
(custom)
|
|
| benoitc | gunicorn |
Affected:
*
cpe:2.3:a:benoitc:gunicorn:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:benoitc:gunicorn:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "gunicorn",
"vendor": "benoitc",
"versions": [
{
"status": "affected",
"version": "*"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-1135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T17:32:23.631972Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:59:56.871Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-12-20T07:02:46.961Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00027.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "benoitc/gunicorn",
"vendor": "benoitc",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn\u0027s handling of Transfer-Encoding headers, where it incorrectly processes requests with multiple, conflicting Transfer-Encoding headers, treating them as chunked regardless of the final encoding specified. This vulnerability allows for a range of attacks including cache poisoning, session manipulation, and data exposure."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-30T23:06:05.937Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00027.html"
}
],
"source": {
"advisory": "22158e34-cfd5-41ad-97e0-a780773d96c1",
"discovery": "EXTERNAL"
},
"title": "HTTP Request Smuggling in benoitc/gunicorn"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-1135",
"datePublished": "2024-04-16T00:00:14.938Z",
"dateReserved": "2024-01-31T18:15:14.296Z",
"dateUpdated": "2025-02-13T17:27:34.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-53878 (GCVE-0-2023-53878)
Vulnerability from cvelistv5 – Published: 2025-12-15 20:28 – Updated: 2026-05-12 20:46- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/51710 | exploit |
| https://www.phpjabbers.com/member-login-script/ | product |
| https://www.vulncheck.com/advisories/member-login… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Phpjabbers | Member Login Script |
Affected:
3.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-53878",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-15T21:40:14.906699Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T21:47:32.922Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Member Login Script",
"vendor": "Phpjabbers",
"versions": [
{
"status": "affected",
"version": "3.3"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "nu11secur1ty"
}
],
"datePublic": "2023-09-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Member Login Script 3.3 contains a client-side desynchronization vulnerability that allows attackers to manipulate HTTP request handling by exploiting Content-Length header parsing. Attackers can send crafted POST requests with smuggled secondary requests to potentially bypass server-side request processing controls."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T20:46:29.791Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-51710",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/51710"
},
{
"name": "Product Webpage",
"tags": [
"product"
],
"url": "https://www.phpjabbers.com/member-login-script/"
},
{
"name": "VulnCheck Advisory: Member Login Script 3.3 Client-Side Request Desynchronization Vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/member-login-script-client-side-request-desynchronization-vulnerability"
}
],
"title": "Member Login Script 3.3 Client-Side Request Desynchronization Vulnerability",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2023-53878",
"datePublished": "2025-12-15T20:28:18.174Z",
"dateReserved": "2025-12-13T14:25:04.999Z",
"dateUpdated": "2026-05-12T20:46:29.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-51701 (GCVE-0-2023-51701)
Vulnerability from cvelistv5 – Published: 2024-01-08 13:55 – Updated: 2025-06-03 14:37- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://github.com/fastify/fastify-reply-from/sec… | x_refsource_CONFIRM |
| https://github.com/fastify/fastify-reply-from/rel… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| fastify | fastify-reply-from |
Affected:
< 9.6.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:40:34.194Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-v2v2-hph8-q5xp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-v2v2-hph8-q5xp"
},
{
"name": "https://github.com/fastify/fastify-reply-from/releases/tag/v9.6.0",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/fastify/fastify-reply-from/releases/tag/v9.6.0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-51701",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:43:47.541104Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:37:39.150Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "fastify-reply-from",
"vendor": "fastify",
"versions": [
{
"status": "affected",
"version": "\u003c 9.6.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. A reverse proxy server built with `@fastify/reply-from` could misinterpret the incoming body by passing an header `ContentType: application/json ; charset=utf-8`. This can lead to bypass of security checks. This vulnerability has been patched in \u0027@fastify/reply-from` version 9.6.0. \n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-08T13:55:05.071Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-v2v2-hph8-q5xp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/fastify/fastify-reply-from/security/advisories/GHSA-v2v2-hph8-q5xp"
},
{
"name": "https://github.com/fastify/fastify-reply-from/releases/tag/v9.6.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/fastify/fastify-reply-from/releases/tag/v9.6.0"
}
],
"source": {
"advisory": "GHSA-v2v2-hph8-q5xp",
"discovery": "UNKNOWN"
},
"title": "@fastify-reply-from JSON Content-Type parsing confusion"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-51701",
"datePublished": "2024-01-08T13:55:05.071Z",
"dateReserved": "2023-12-21T21:32:12.991Z",
"dateUpdated": "2025-06-03T14:37:39.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-49584 (GCVE-0-2023-49584)
Vulnerability from cvelistv5 – Published: 2023-12-12 01:35 – Updated: 2025-05-24 10:27- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| Vendor | Product | Version | |
|---|---|---|---|
| SAP_SE | SAP Fiori Launchpad |
Affected:
SAP_UI 750
Affected: SAP_UI 754 Affected: SAP_UI 755 Affected: SAP_UI 756 Affected: SAP_UI 757 Affected: SAP_UI 758 Affected: UI_700 200 Affected: SAP_BASIS 793 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:01:25.872Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://me.sap.com/notes/3406786"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-49584",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-24T10:27:15.975335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-24T10:27:48.125Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "SAP Fiori Launchpad",
"vendor": "SAP_SE",
"versions": [
{
"status": "affected",
"version": "SAP_UI 750"
},
{
"status": "affected",
"version": "SAP_UI 754"
},
{
"status": "affected",
"version": "SAP_UI 755"
},
{
"status": "affected",
"version": "SAP_UI 756"
},
{
"status": "affected",
"version": "SAP_UI 757"
},
{
"status": "affected",
"version": "SAP_UI 758"
},
{
"status": "affected",
"version": "UI_700 200"
},
{
"status": "affected",
"version": "SAP_BASIS 793"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSAP Fiori launchpad - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, UI_700 200, SAP_BASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application.\u003c/p\u003e"
}
],
"value": "SAP Fiori launchpad - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, UI_700 200, SAP_BASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "eng",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-12T01:35:22.515Z",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"url": "https://me.sap.com/notes/3406786"
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Client-Side Desynchronization vulnerability in SAP Fiori Launchpad",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2023-49584",
"datePublished": "2023-12-12T01:35:22.515Z",
"dateReserved": "2023-11-27T18:45:03.233Z",
"dateUpdated": "2025-05-24T10:27:48.125Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-47641 (GCVE-0-2023-47641)
Vulnerability from cvelistv5 – Published: 2023-11-14 20:44 – Updated: 2025-11-03 20:36- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://github.com/aio-libs/aiohttp/security/advi… | x_refsource_CONFIRM |
| https://github.com/aio-libs/aiohttp/commit/f016f0… | x_refsource_MISC |
| https://lists.debian.org/debian-lts-announce/2025… |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:36:08.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-xx9p-xxvh-7g8j",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-xx9p-xxvh-7g8j"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/f016f0680e4ace6742b03a70cb0382ce86abe371",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/aio-libs/aiohttp/commit/f016f0680e4ace6742b03a70cb0382ce86abe371"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00002.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47641",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T20:18:44.628858Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T20:18:58.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.8.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Affected versions of aiohttp have a security vulnerability regarding the inconsistent interpretation of the http protocol. HTTP/1.1 is a persistent protocol, if both Content-Length(CL) and Transfer-Encoding(TE) header values are present it can lead to incorrect interpretation of two entities that parse the HTTP and we can poison other sockets with this incorrect interpretation. A possible Proof-of-Concept (POC) would be a configuration with a reverse proxy(frontend) that accepts both CL and TE headers and aiohttp as backend. As aiohttp parses anything with chunked, we can pass a chunked123 as TE, the frontend entity will ignore this header and will parse Content-Length. The impact of this vulnerability is that it is possible to bypass any proxy rule, poisoning sockets to other users like passing Authentication Headers, also if it is present an Open Redirect an attacker could combine it to redirect random users to another website and log the request. This vulnerability has been addressed in release 3.8.0 of aiohttp. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T20:44:08.989Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-xx9p-xxvh-7g8j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-xx9p-xxvh-7g8j"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/f016f0680e4ace6742b03a70cb0382ce86abe371",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/f016f0680e4ace6742b03a70cb0382ce86abe371"
}
],
"source": {
"advisory": "GHSA-xx9p-xxvh-7g8j",
"discovery": "UNKNOWN"
},
"title": "Inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` in aiohttp"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-47641",
"datePublished": "2023-11-14T20:44:08.989Z",
"dateReserved": "2023-11-07T16:57:49.245Z",
"dateUpdated": "2025-11-03T20:36:08.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-47627 (GCVE-0-2023-47627)
Vulnerability from cvelistv5 – Published: 2023-11-14 20:48 – Updated: 2025-11-03 20:36- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:36:06.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDKQ6HM3KNDU4OQI476ZWT4O7DMSIT35/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQYQL6WV535EEKSNH7KRARLLMOW5WXDM/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUSJVQ7OQ55RWL4XAX2F5EZ73N4ZSH6U/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00002.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-47627",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-10T19:22:18.504293Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-11T17:02:19.713Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "aiohttp",
"vendor": "aio-libs",
"versions": [
{
"status": "affected",
"version": "\u003c 3.8.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. The HTTP parser in AIOHTTP has numerous problems with header parsing, which could lead to request smuggling. This parser is only used when AIOHTTP_NO_EXTENSIONS is enabled (or not using a prebuilt wheel). These bugs have been addressed in commit `d5c12ba89` which has been included in release version 3.8.6. Users are advised to upgrade. There are no known workarounds for these issues."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-05T07:06:04.991Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg"
},
{
"name": "https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/aio-libs/aiohttp/commit/d5c12ba890557a575c313bb3017910d7616fce3d"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VDKQ6HM3KNDU4OQI476ZWT4O7DMSIT35/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WQYQL6WV535EEKSNH7KRARLLMOW5WXDM/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUSJVQ7OQ55RWL4XAX2F5EZ73N4ZSH6U/"
}
],
"source": {
"advisory": "GHSA-gfw2-4jvh-wgfg",
"discovery": "UNKNOWN"
},
"title": "Request smuggling in aiohttp"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-47627",
"datePublished": "2023-11-14T20:48:48.076Z",
"dateReserved": "2023-11-07T16:57:49.244Z",
"dateUpdated": "2025-11-03T20:36:06.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-46846 (GCVE-0-2023-46846)
Vulnerability from cvelistv5 – Published: 2023-11-03 07:33 – Updated: 2026-02-25 18:19- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
2.6 , < 6.4
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support |
Unaffected:
7:3.5.20-17.el7_9.13 , < *
(rpm)
cpe:/o:redhat:rhel_els:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8080020231030214932.63b34585 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8 |
Unaffected:
8090020231030224841.a75119d5 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions |
Unaffected:
8010020231101141358.c27ad7f8 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.1::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support |
Unaffected:
8020020231101135052.4cda2c84 , < *
(rpm)
cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.2 Telecommunications Update Service |
Unaffected:
8020020231101135052.4cda2c84 , < *
(rpm)
cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions |
Unaffected:
8020020231101135052.4cda2c84 , < *
(rpm)
cpe:/a:redhat:rhel_tus:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_e4s:8.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support |
Unaffected:
8040020231101101624.522a0ee4 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service |
Unaffected:
8040020231101101624.522a0ee4 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions |
Unaffected:
8040020231101101624.522a0ee4 , < *
(rpm)
cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support |
Unaffected:
8060020231031165747.ad008a3a , < *
(rpm)
cpe:/a:redhat:rhel_eus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
7:5.5-5.el9_2.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
7:5.5-6.el9_3.1 , < *
(rpm)
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.0 Extended Update Support |
Unaffected:
7:5.2-1.el9_0.3 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:53:21.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2023:6266",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6266"
},
{
"name": "RHSA-2023:6267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6267"
},
{
"name": "RHSA-2023:6268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6268"
},
{
"name": "RHSA-2023:6748",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6748"
},
{
"name": "RHSA-2023:6801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6801"
},
{
"name": "RHSA-2023:6803",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6803"
},
{
"name": "RHSA-2023:6804",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6804"
},
{
"name": "RHSA-2023:6810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6810"
},
{
"name": "RHSA-2023:7213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7213"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-46846"
},
{
"name": "RHBZ#2245910",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245910"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00003.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00008.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231130-0002/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46846",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2023-12-19T21:18:15.819621Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T14:31:21.611Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/squid-cache/squid",
"defaultStatus": "unaffected",
"packageName": "squid",
"versions": [
{
"lessThan": "6.4",
"status": "affected",
"version": "2.6",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"packageName": "squid",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7:3.5.20-17.el7_9.13",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8080020231030214932.63b34585",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8090020231030224841.a75119d5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.1::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8010020231101141358.c27ad7f8",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.2::appstream",
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/a:redhat:rhel_e4s:8.2::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8020020231101135052.4cda2c84",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.2::appstream",
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/a:redhat:rhel_e4s:8.2::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8020020231101135052.4cda2c84",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_tus:8.2::appstream",
"cpe:/a:redhat:rhel_aus:8.2::appstream",
"cpe:/a:redhat:rhel_e4s:8.2::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8020020231101135052.4cda2c84",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8040020231101101624.522a0ee4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8040020231101101624.522a0ee4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.4::appstream",
"cpe:/a:redhat:rhel_tus:8.4::appstream",
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8040020231101101624.522a0ee4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:8.6::appstream"
],
"defaultStatus": "affected",
"packageName": "squid:4",
"product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "8060020231031165747.ad008a3a",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "squid",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7:5.5-5.el9_2.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "squid",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7:5.5-6.el9_3.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "squid",
"product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "7:5.2-1.el9_0.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "affected",
"packageName": "squid",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "affected",
"packageName": "squid34",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
}
],
"datePublic": "2023-10-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T18:19:15.815Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2023:6266",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6266"
},
{
"name": "RHSA-2023:6267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6267"
},
{
"name": "RHSA-2023:6268",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6268"
},
{
"name": "RHSA-2023:6748",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6748"
},
{
"name": "RHSA-2023:6801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6801"
},
{
"name": "RHSA-2023:6803",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6803"
},
{
"name": "RHSA-2023:6804",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6804"
},
{
"name": "RHSA-2023:6810",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:6810"
},
{
"name": "RHSA-2023:7213",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2023:7213"
},
{
"name": "RHSA-2024:11049",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:11049"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-46846"
},
{
"name": "RHBZ#2245910",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245910"
},
{
"url": "https://github.com/squid-cache/squid/security/advisories/GHSA-j83v-w3p4-5cqh"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-10-24T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2023-10-19T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Squid: request/response smuggling in http/1.1 and icap",
"x_generator": {
"engine": "cvelib 1.8.0"
},
"x_redhatCweChain": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-46846",
"datePublished": "2023-11-03T07:33:16.184Z",
"dateReserved": "2023-10-27T08:36:38.158Z",
"dateUpdated": "2026-02-25T18:19:15.815Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-46589 (GCVE-0-2023-46589)
Vulnerability from cvelistv5 – Published: 2023-11-28 15:31 – Updated: 2025-10-29 12:00- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/0rqq6ktozqc42ro8h… | vendor-advisory |
| https://www.openwall.com/lists/oss-security/2023/… | |
| https://security.netapp.com/advisory/ntap-2023121… | x_transferred |
| https://lists.debian.org/debian-lts-announce/2024… | x_transferred |
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Tomcat |
Affected:
11.0.0-M1 , ≤ 11.0.0-M10
(semver)
Affected: 10.1.0-M1 , ≤ 10.1.15 (semver) Affected: 9.0.0-M1 , ≤ 9.0.82 (semver) Affected: 8.5.0 , ≤ 8.5.95 (semver) Unknown: 3 , < 8.5.0 (semver) Unknown: 10.0.0-M1 , ≤ 10.0.27 (semver) |
|
| apache | tomcat |
Affected:
11.0.0-m1 , ≤ 11.0.0-m10
(custom)
Affected: 10.1.0-M1 , ≤ 10.1.15 (custom) Affected: 9.0.0-M1 , ≤ 9.0.82 (custom) Affected: 8.5.0 , ≤ 8.5.95 (custom) cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apache:tomcat:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tomcat",
"vendor": "apache",
"versions": [
{
"lessThanOrEqual": "11.0.0-m10",
"status": "affected",
"version": "11.0.0-m1",
"versionType": "custom"
},
{
"lessThanOrEqual": "10.1.15",
"status": "affected",
"version": "10.1.0-M1",
"versionType": "custom"
},
{
"lessThanOrEqual": "9.0.82",
"status": "affected",
"version": "9.0.0-M1",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.5.95",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-46589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T16:04:24.661745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-21T13:49:04.877Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:45:42.297Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/11/28/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231214-0009/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Apache Tomcat",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "11.0.0-M10",
"status": "affected",
"version": "11.0.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.1.15",
"status": "affected",
"version": "10.1.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.82",
"status": "affected",
"version": "9.0.0-M1",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.5.95",
"status": "affected",
"version": "8.5.0",
"versionType": "semver"
},
{
"lessThan": "8.5.0",
"status": "unknown",
"version": "3",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.0.27",
"status": "unknown",
"version": "10.0.0-M1",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Norihito Aimoto (OSSTech Corporation)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in Apache Tomcat.\u003cp\u003eTomcat \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efrom 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95\u003c/span\u003e did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single \nrequest as multiple requests leading to the possibility of request \nsmuggling when behind a reverse proxy.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eOlder, EOL versions may also be affected.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eUsers are recommended to upgrade to version 11.0.0-M11\u0026nbsp;onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue.\u003c/span\u003e\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single \nrequest as multiple requests leading to the possibility of request \nsmuggling when behind a reverse proxy.\n\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M11\u00a0onwards, 10.1.16 onwards, 9.0.83 onwards or 8.5.96 onwards, which fix the issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "important"
},
"type": "Textual description of severity"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-29T12:00:24.622Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/11/28/2"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Apache Tomcat: HTTP request smuggling via malformed trailer headers",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2023-46589",
"datePublished": "2023-11-28T15:31:52.366Z",
"dateReserved": "2023-10-23T08:14:01.046Z",
"dateUpdated": "2025-10-29T12:00:24.622Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-46137 (GCVE-0-2023-46137)
Vulnerability from cvelistv5 – Published: 2023-10-25 20:56 – Updated: 2025-11-03 21:49- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://github.com/twisted/twisted/security/advis… | x_refsource_CONFIRM |
| https://lists.debian.org/debian-lts-announce/2024… |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T21:49:56.068Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "twisted",
"vendor": "twisted",
"versions": [
{
"lessThan": "23.8.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T13:57:52.009306Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T14:05:53.980Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "twisted",
"vendor": "twisted",
"versions": [
{
"status": "affected",
"version": "23.10.0rc1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, the attacker can delay the response on purpose to manipulate the response of the second request when a victim launched two requests using HTTP pipeline. Version 23.10.0rc1 contains a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-25T20:56:27.320Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm"
}
],
"source": {
"advisory": "GHSA-xc8x-vp79-p3wm",
"discovery": "UNKNOWN"
},
"title": "twisted.web has disordered HTTP pipeline response"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46137",
"datePublished": "2023-10-25T20:56:27.320Z",
"dateReserved": "2023-10-16T17:51:35.574Z",
"dateUpdated": "2025-11-03T21:49:56.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-46121 (GCVE-0-2023-46121)
Vulnerability from cvelistv5 – Published: 2023-11-14 23:31 – Updated: 2024-08-29 15:19- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
| URL | Tags |
|---|---|
| https://github.com/yt-dlp/yt-dlp/security/advisor… | x_refsource_CONFIRM |
| https://github.com/yt-dlp/yt-dlp/commit/f04b5beda… | x_refsource_MISC |
| https://github.com/yt-dlp/yt-dlp/releases/tag/202… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T20:37:39.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-3ch3-jhc6-5r8x",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-3ch3-jhc6-5r8x"
},
{
"name": "https://github.com/yt-dlp/yt-dlp/commit/f04b5bedad7b281bee9814686bba1762bae092eb",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/yt-dlp/yt-dlp/commit/f04b5bedad7b281bee9814686bba1762bae092eb"
},
{
"name": "https://github.com/yt-dlp/yt-dlp/releases/tag/2023.11.14",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2023.11.14"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-46121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T15:18:50.836529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T15:19:23.948Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "yt-dlp",
"vendor": "yt-dlp",
"versions": [
{
"status": "affected",
"version": "\u003e= 2022.10.04, \u003c 2023.11.14"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an attacker setting an arbitrary proxy for a request to an arbitrary url, allowing the attacker to MITM the request made from yt-dlp\u0027s HTTP session. This could lead to cookie exfiltration in some cases. Version 2023.11.14 removed the ability to smuggle `http_headers` to the Generic extractor, as well as other extractors that use the same pattern. Users are advised to upgrade. Users unable to upgrade should disable the Ggneric extractor (or only pass trusted sites with trusted content) and ake caution when using `--no-check-certificate`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-14T23:31:55.145Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-3ch3-jhc6-5r8x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-3ch3-jhc6-5r8x"
},
{
"name": "https://github.com/yt-dlp/yt-dlp/commit/f04b5bedad7b281bee9814686bba1762bae092eb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/yt-dlp/yt-dlp/commit/f04b5bedad7b281bee9814686bba1762bae092eb"
},
{
"name": "https://github.com/yt-dlp/yt-dlp/releases/tag/2023.11.14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/yt-dlp/yt-dlp/releases/tag/2023.11.14"
}
],
"source": {
"advisory": "GHSA-3ch3-jhc6-5r8x",
"discovery": "UNKNOWN"
},
"title": "Generic Extractor MITM Vulnerability in yt-dlp"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-46121",
"datePublished": "2023-11-14T23:31:55.145Z",
"dateReserved": "2023-10-16T17:51:35.571Z",
"dateUpdated": "2024-08-29T15:19:23.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Use a web server that employs a strict HTTP parsing procedure, such as Apache [REF-433].
Mitigation
Use only SSL communication.
Mitigation
Terminate the client session after each request.
Mitigation
Turn all pages to non-cacheable.
CAPEC-273: HTTP Response Smuggling
An adversary manipulates and injects malicious content in the form of secret unauthorized HTTP responses, into a single HTTP response from a vulnerable or compromised back-end HTTP agent (e.g., server).
See CanPrecede relationships for possible consequences.
CAPEC-33: HTTP Request Smuggling
An adversary abuses the flexibility and discrepancies in the parsing and interpretation of HTTP Request messages using various HTTP headers, request-line and body parameters as well as message sizes (denoted by the end of message signaled by a given HTTP header) by different intermediary HTTP agents (e.g., load balancer, reverse proxy, web caching proxies, application firewalls, etc.) to secretly send unauthorized and malicious HTTP requests to a back-end HTTP agent (e.g., web server).
See CanPrecede relationships for possible consequences.