Weaknesses of type CWE-444
235 resultsCVE-2024-52530HIGHGNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignorEPSS 0.8%CVE-2024-22081CRITICALAn issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in theEPSS 0.8%CVE-2021-34559MEDIUMA vulnerability in WirelessHART-Gateway <= 3.0.8 may allow remote attackers to rewrite links and URLs in cached pages to arbitrary stringsEPSS 0.8%CVE-2023-46137MEDIUMtwisted.web has disordered HTTP pipeline responseEPSS 0.8%CVE-2020-5207MEDIUMRequest smuggling is possible in Ktor when both chunked TE and content length specifiedEPSS 0.8%CVE-2024-12397HIGHIo.quarkus.http/quarkus-http-core: quarkus http cookie smugglingEPSS 0.8%CVE-2023-40175HIGHInconsistent Interpretation of HTTP Requests in pumaEPSS 0.7%CVE-2024-6827HIGHHTTP Request Smuggling in benoitc/gunicornEPSS 0.7%CVE-2020-5220MEDIUMAbility to expose data in Sylius by using an unintended serialisation groupEPSS 0.7%CVE-2026-48746CRITICALvLLM: OpenAI auth bypassEPSS 0.7%CVE-2026-2835CRITICALHTTP Request Smuggling via HTTP/1.0 and Transfer-Encoding MisparsingEPSS 0.7%CVE-2026-28367HIGHUndertow: undertow: request smuggling via `\r\r\r` as a header block terminatorEPSS 0.7%CVE-2026-28368HIGHUndertow: undertow: request smuggling via inconsistent header parsingEPSS 0.7%CVE-2024-27439MEDIUMApache Wicket: Possible bypass of CSRF protectionEPSS 0.7%CVE-2026-28369HIGHUndertow: undertow: request smuggling via malformed http request headersEPSS 0.7%CVE-2024-33452HIGHAn issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD reEPSS 0.7%CVE-2026-2833CRITICALHTTP Request Smuggling via Premature UpgradeEPSS 0.7%CVE-2024-9622MEDIUMResteasy-netty4-cdi: resteasy-netty4: resteasy-reactor-netty: http request smuggling leading to client timeouts in resteasy-netty4EPSS 0.7%CVE-2023-38697MEDIUM protocol-http1 HTTP Request/Response Smuggling vulnerabilityEPSS 0.6%CVE-2025-58056LOWNetty is vulnerable to request smuggling due to incorrect parsing of chunk extensionsEPSS 0.6%