Gunicorn fails to properly validate Transfer-Encoding headers, leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers, attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn's handling of Transfer-Encoding headers, where it incorrectly processes requests with multiple, conflicting Transfer-Encoding headers, treating them as chunked regardless of the final encoding specified. This vulnerability allows for a range of attacks including cache poisoning, session manipulation, and data exposure.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2024-04-16T00:00:14.938Z
Updated: 2024-08-01T18:26:30.502Z
Reserved: 2024-01-31T18:15:14.296Z
Link: CVE-2024-1135
Vulnrichment
Updated: 2024-08-01T18:26:30.502Z
NVD
Status : Awaiting Analysis
Published: 2024-04-16T00:15:07.797
Modified: 2024-06-30T23:15:02.563
Link: CVE-2024-1135
Redhat