VDB
GHSA-4PPP-GPCR-7QF6
GHSA-4PPP-GPCR-7QF6
PUBLISHED
CVSS 7.099999904632568 HIGH
HTTP Request Smuggling: Content-Length Sent Twice in Waitress
Risk Scores
CVSS v3.1
7.099999904632568
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| csaf_suse | openstack-neutron-vsphere-test-2.0.1~dev167-3.3.3.noarch | |
| csaf_suse | documentation-suse-openstack-cloud-socmosoperator-8.20200527-1.26.1.noarch | |
| csaf_suse | openstack-barbican-retry-7.0.1~dev24-3.9.5.noarch | |
| csaf_suse | crowbar-core-branding-upstream-4.0+git.1580209654.1d112d31f-9.66.5.x86_64 | |
| csaf_suse | openstack-neutron-ha-tool-13.0.8~dev68-3.25.3.noarch | |
| csaf_suse | ruby2.1-rubygem-puma-2.16.0-3.9.1.s390x | |
| csaf_suse | venv-openstack-heat-x86_64-11.0.3~dev35-3.19.2.noarch | |
| csaf_suse | venv-openstack-zaqar-x86_64-5.0.1-10.10.1.noarch | |
| csaf_suse | ruby2.1-rubygem-puma-2.16.0-4.6.1.ppc64le | |
| csaf_suse | ruby2.1-rubygem-activeresource-4.0.0-4.3.1.ppc64le | |
| csaf_suse | storm-nimbus-1.1.3-3.3.1.ppc64le | |
| csaf_suse | crowbar-core-6.0+git.1594619891.b75a61d0d-3.25.5.x86_64 | |
| csaf_suse | python3-heatclient-1.16.3-3.3.3.noarch | |
| csaf_suse | storm-doc-1.1.3-3.3.1.aarch64 | |
| csaf_suse | ardana-octavia-9.0+git.1590079609.a2ae6ab-3.19.2.noarch | |
| csaf_opensuse | python3-waitress-1.4.3-lp152.4.3.1.noarch | |
| csaf_suse | ruby2.1-rubygem-crowbar-client-testsuite-3.9.2-7.20.1.ppc64le | |
| csaf_suse | openstack-dashboard-12.0.5~dev3-3.26.1.noarch | |
| csaf_suse | storm-nimbus-1.1.3-3.3.1.aarch64 | |
| csaf_suse | kibana-4.6.3-5.1.aarch64 |
…and 553 more
Timeline
- CVE Published
- Dec 24, 2019 PoC Published
- Jul 7, 2020 PoC Published
- Feb 22, 2026 Security Advisory
- Feb 22, 2026 Distribution Patch
- Feb 22, 2026 Security Advisory
- Feb 22, 2026 Distribution Patch
- Feb 22, 2026 Distribution Patch
- Feb 22, 2026 Distribution Patch
- Feb 22, 2026 Security Advisory
- Feb 22, 2026 Distribution Patch
- Feb 22, 2026 Security Advisory