Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mitmproxy
(Mitmproxy)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-09-16 | CVE-2021-39214 | mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While a smuggled request is still captured as part of another request's body, it does not appear in the request list and does not go through the usual... | Mitmproxy | 9.8 | ||
| 2022-03-21 | CVE-2022-24766 | mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While mitmproxy would only see one request, the target server would see multiple requests. A smuggled request is still captured as part of another... | Mitmproxy | 9.8 | ||
| 2018-07-22 | CVE-2018-14505 | mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py. | Mitmproxy | 8.8 |