Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-444

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Parent: CWE-436 - Interpretation Conflict

The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination.

315 vulnerabilities with CWE-444

CVE-2024-6827 HIGH

Gunicorn 21.2.0 - SSRF

CVE-2024-10264 CRITICAL

netease-youdao/qanything <1.4.1 - RCE

CVE-2024-56908 MEDIUM

Perfex Crm <3.2.1 - Auth Bypass

CVE-2024-12397 HIGH

Io.quarkus.http Quarkus-http-core < 5.3.4 - HTTP Request Smuggling

CVE-2024-53008 MEDIUM

HAProxy - Info Disclosure

CVE-2024-9666 MEDIUM

Org.keycloak Keycloak-quarkus-server - HTTP Request Smuggling

CVE-2024-52304 HIGH

aiohttp <3.10.11 - Request Smuggling

CVE-2024-52530 HIGH

Gnome Libsoup < 3.6.0 - HTTP Request Smuggling

CVE-2024-49768 CRITICAL

CVE-2024-44775 HIGH

kmqtt <0.2.7 - DoS

CVE-2024-21281 MEDIUM

Oracle Banking Liquidity Management - HTTP Request Smuggling

CVE-2024-8912 HIGH

Google Cloud Looker < 23.12.123 - HTTP Request Smuggling

CVE-2024-9622 MEDIUM

Org.jboss.resteasy Resteasy-netty4-cdi - HTTP Request Smuggling

CVE-2024-8925 LOW

Php < 8.1.30 - HTTP Request Smuggling

CVE-2024-34535 MEDIUM

Mastodon 4.1.6 - CSRF

CVE-2024-45614 MEDIUM

Puma < 5.6.9 - HTTP Request Smuggling

CVE-2024-42342 MEDIUM

Loway Queuemetrics < 24.05.5 - HTTP Request Smuggling

CVE-2024-27185 CRITICAL

Pagination Class - SSRF

CVE-2024-35538 MEDIUM

Typecho - HTTP Request Smuggling

CVE-2024-41671 HIGH

Pypi Twisted < 24.7.0rc1 - HTTP Request Smuggling

CVE-2024-35161 HIGH

Apache Traffic Server < 8.1.11 - HTTP Request Smuggling

CVE-2024-41110 CRITICAL

Docker < 23.0.15 - HTTP Request Smuggling

CVE-2024-38494 HIGH

CVE-2024-22279 MEDIUM

Cloud Foundry <0.297.0 - DoS

CVE-2024-23326 MEDIUM

Envoy < 1.27.6 - HTTP Request Smuggling

Previous Page 4 of 13 Next

Details

Vulnerabilities 315

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy