CVE-2019-16789

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-16789

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-16789.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-16789

Aliases

Related

Published

2019-12-26T17:15:13Z

Modified

2024-09-11T04:28:45.427416Z

Severity

8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N CVSS Calculator

Summary

[none]

Details

In Waitress through version 1.4.0, if a proxy server is used in front of waitress, an invalid request may be sent by an attacker that bypasses the front-end and is parsed differently by waitress leading to a potential for HTTP request smuggling. Specially crafted requests containing special whitespace characters in the Transfer-Encoding header would get parsed by Waitress as being a chunked request, but a front-end server would use the Content-Length instead as the Transfer-Encoding header is considered invalid due to containing invalid characters. If a front-end server does HTTP pipelining to a backend Waitress server this could lead to HTTP request splitting which may lead to potential cache poisoning or unexpected information disclosure. This issue is fixed in Waitress 1.4.1 through more strict HTTP field validation.

References

Affected packages

Debian:11 / waitress

Package

Name: waitress
Purl: pkg:deb/debian/waitress?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / waitress

Package

Name: waitress
Purl: pkg:deb/debian/waitress?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / waitress

Package

Name: waitress
Purl: pkg:deb/debian/waitress?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/pylons/waitress

Affected ranges

Type: GIT
Repo: https://github.com/pylons/waitress
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

11d9e138125ad46e951027184b13242a3c1de017

Affected versions

0.*

0.1

0.2

0.3

0.4

0.5

0.6

0.6.1

0.7

0.8

0.8.1

0.8.10

0.8.11b0

0.8.2

0.8.3

0.8.4

0.8.5

0.8.6

0.8.7

0.8.8

0.8.9

0.9.0b0

v0.*

v0.9.0

v0.9.0b1

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0a1

v1.0a2

v1.1.0

v1.2.0

v1.2.0b1

v1.2.0b2

v1.2.0b3

v1.2.1

v1.3.0

v1.3.0b0

v1.3.1

v1.4.0