2353700 – (CVE-2024-6827) CVE-2024-6827 gunicorn: HTTP Request Smuggling in benoitc/gunicorn

Bug 2353700 (CVE-2024-6827) - CVE-2024-6827 gunicorn: HTTP Request Smuggling in benoitc/gunicorn

Summary: CVE-2024-6827 gunicorn: HTTP Request Smuggling in benoitc/gunicorn

Keywords:
Status:	NEW
Alias:	CVE-2024-6827
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-03-20 11:07 UTC by OSIDB Bzimport
Modified:	2025-05-06 08:29 UTC (History)
CC List:	34 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-03-20 11:07:31 UTC

Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to the default fallback method of 'Content-Length,' making it vulnerable to TE.CL request smuggling. This vulnerability can lead to cache poisoning, data exposure, session manipulation, SSRF, XSS, DoS, data integrity compromise, security bypass, information leakage, and business logic abuse.

Note You need to log in before you can comment on or make changes to this bug.

adudiak
aprice
bdettelb
caswilli
crizzo
dhanak
doconnor
dranck
dsimansk
gtanzill
jdobes
jmitchel
jsamir
jtanner
kaycoth
kgaikwad
kholdawa
kingland
kshier
kverlaen
lcouzens
matzew
mnovotny
mpierce
mskarbek
omaciel
orabin
pierdipi
psegedy
rhuss
sausingh
stcannon
teagle
yguenane