CVE-2016-10711

CRITICAL

Debian Linux < 2.7 - HTTP Request Smuggling

Title source: rule

Description

Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.

References (4)

Scores

CVSS v3 9.8
EPSS 0.0100
EPSS Percentile 76.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-444
Status published

Affected Products (2)

debian/debian_linux
apsis/pound < 2.7

Timeline

Published Jan 29, 2018
Tracked Since Feb 18, 2026