Search criteria
1 vulnerability by hive
CVE-2020-7655 (GCVE-0-2020-7655)
Vulnerability from cvelistv5 – Published: 2020-05-21 14:15 – Updated: 2024-08-04 09:33
VLAI?
Summary
netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks.
Severity ?
No CVSS data available.
CWE
- HTTP Request Smuggling
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:20.004Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-PYTHON-NETIUS-569141"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "netius",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 1.17.58"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "HTTP Request Smuggling",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-21T14:15:54",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-PYTHON-NETIUS-569141"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"ID": "CVE-2020-7655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "netius",
"version": {
"version_data": [
{
"version_value": "All versions prior to 1.17.58"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Transfer encoding header parsing which could allow for CL:TE or TE:TE attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "HTTP Request Smuggling"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-PYTHON-NETIUS-569141",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-PYTHON-NETIUS-569141"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7655",
"datePublished": "2020-05-21T14:15:54",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:20.004Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}