exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

CVE-2019-16792

около 6 лет назад

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.

CVSS3: 7.1

EPSS: Низкий

CVE-2019-16792

около 6 лет назад

Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.

CVSS3: 7.1

EPSS: Низкий

CVE-2019-16792

около 6 лет назад

Waitress through version 1.3.1 allows request smuggling by sending the ...

CVSS3: 7.1

EPSS: Низкий

GHSA-4ppp-gpcr-7qf6

около 6 лет назад

HTTP Request Smuggling: Content-Length Sent Twice in Waitress

EPSS: Низкий

BDU:2022-05828

около 6 лет назад

Уязвимость WSGI сервера для python Waitress, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю оказать воздействие на целостность данных

CVSS3: 7.5

EPSS: Низкий

openSUSE-SU-2020:1922-1

около 5 лет назад

Security update for python-waitress

EPSS: Низкий

openSUSE-SU-2020:1911-1

около 5 лет назад

Security update for python-waitress

EPSS: Низкий

SUSE-SU-2020:3269-1

около 5 лет назад

Security update for python-waitress

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2019-16792 Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.	CVSS3: 7.1	1% Низкий	около 6 лет назад
CVE-2019-16792 Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.	CVSS3: 7.1	1% Низкий	около 6 лет назад
CVE-2019-16792 Waitress through version 1.3.1 allows request smuggling by sending the ...	CVSS3: 7.1	1% Низкий	около 6 лет назад
GHSA-4ppp-gpcr-7qf6 HTTP Request Smuggling: Content-Length Sent Twice in Waitress		1% Низкий	около 6 лет назад
BDU:2022-05828 Уязвимость WSGI сервера для python Waitress, связанная с недостатками обработки HTTP-запросов, позволяющая нарушителю оказать воздействие на целостность данных	CVSS3: 7.5	1% Низкий	около 6 лет назад
openSUSE-SU-2020:1922-1 Security update for python-waitress			около 5 лет назад
openSUSE-SU-2020:1911-1 Security update for python-waitress			около 5 лет назад
SUSE-SU-2020:3269-1 Security update for python-waitress			около 5 лет назад

Уязвимостей на страницу