Fallos del tipo CWE-444

235 resultados

CVE-2023-37276MEDIUMaiohttp vulnerable to HTTP request smugglingEPSS 1.4%CVE-2022-2466—It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior.EPSS 1.4%CVE-2026-48710MEDIUMStarlette has missing Host header validation that poisons request.url.path, bypassing path-based security checksEPSS 1.4%CVE-2022-20713MEDIUMA vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat DefeEPSS 1.3%CVE-2021-41267MEDIUMWebcache Poisoning in SymfonyEPSS 1.2%CVE-2022-45059HIGHAn issue was discovered in Varnish Cache 7.x before 7.1.2 and 7.2.x before 7.2.1. A request smuggling attack can be performed on Varnish CacEPSS 1.2%CVE-2023-29141CRITICALAn issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3. An auto-block can occur EPSS 1.2%CVE-2024-27982MEDIUMThe team has identified a critical vulnerability in the http server of the most recent version of Node, where malformed headers can lead to EPSS 1.2%CVE-2020-10687—A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possEPSS 1.1%CVE-2025-31137HIGHRemix and React Router allow URL manipulation via Host / X-Forwarded-Host headersEPSS 1.1%CVE-2021-41136LOWInconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in pumaEPSS 1.1%CVE-2021-20220—A flaw was found in Undertow. A regression in the fix for CVE-2020-10687 was found. HTTP request smuggling related to CVE-2017-2666 is possiEPSS 1.1%CVE-2023-4639HIGHUndertow: cookie smuggling/spoofingEPSS 1.1%CVE-2022-0552—A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rEPSS 1.1%CVE-2021-39214HIGHLacking Protection against HTTP Request Smuggling in mitmproxyEPSS 1.1%CVE-2023-33934CRITICALApache Traffic Server: Differential fuzzing for HTTP request parsing discrepanciesEPSS 1.1%CVE-2024-32638MEDIUMApache APISIX: Forward-Auth Request SmugglingEPSS 1.1%CVE-2023-51747HIGHSMTP smuggling in Apache JamesEPSS 1.0%CVE-2024-53008MEDIUMInconsistent interpretation of HTTP requests ('HTTP Request/Response Smuggling') issue exists in HAProxy. If this vulnerability is exploitedEPSS 1.0%CVE-2024-34350HIGHNext.js Vulnerable to HTTP Request SmugglingEPSS 1.0%

← anteriorpágina 4 / 12siguiente →