Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2021-21445 MEDIUM

SAP Commerce Cloud - HTTP Request Smuggling

CVE-2020-25097 HIGH

Squid < 4.14 - HTTP Request Smuggling

CVE-2020-28483 HIGH

Gin < 1.7.0 - HTTP Request Smuggling

CVE-2020-28473 MEDIUM

Bottle < 0.12.19 - HTTP Request Smuggling

CVE-2020-17509 HIGH

Apache Traffic Server <8.1.0 - Cache Poisoning

CVE-2020-8287 MEDIUM

Node.js <10.23.1, 12.20.1, 14.15.4, 15.5.1 - SSRF

CVE-2020-35884 MEDIUM

Tiny-http < 0.7.0 - HTTP Request Smuggling

CVE-2020-35863 CRITICAL

Hyper < 0.12.34 - HTTP Request Smuggling

CVE-2020-26281 MEDIUM

async-h1 <2.3.0 - Request Smuggling

CVE-2020-28361 MEDIUM

Kamailio < 5.4.0 - HTTP Request Smuggling

CVE-2020-26129 MEDIUM

Jetbrains Ktor < 1.4.1 - HTTP Request Smuggling

CVE-2020-7764 MEDIUM

find-my-way <2.2.5 & 3.0.0-3.0.5 - DoS

CVE-2020-25613 HIGH

Ruby < 2.5.8 - HTTP Request Smuggling

CVE-2020-10687 MEDIUM

Undertow <2.2.0.Final - XSS

CVE-2020-8201 HIGH

Node.js < 12.18.4-14.11 - Open Redirect

CVE-2020-15810 MEDIUM

Squid < 4.13 - HTTP Request Smuggling

CVE-2020-9490 HIGH

Apache HTTP Server < 2.4.46 - HTTP Request Smuggling

CVE-2020-11993 HIGH

Apache HTTP Server < 2.4.44 - HTTP Request Smuggling

CVE-2020-15049 CRITICAL

Squid <4.12, 5.x <5.0.3 - SSRF

CVE-2020-7671 HIGH

Goliath < 1.0.6 - HTTP Request Smuggling

CVE-2020-7670 HIGH

Ohler Agoo < 2.12.3 - HTTP Request Smuggling

CVE-2020-7659 HIGH

Celluloid Reel < 0.6.1 - HTTP Request Smuggling

CVE-2020-10719 MEDIUM

Undertow <2.1.1.Final - SSRF

CVE-2020-7658 MEDIUM

Meinheld < 1.0.2 - HTTP Request Smuggling

CVE-2020-11077 MEDIUM

Puma <4.3.5-3.12.6 - SSRF

Previous Page 10 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy