CVE-2024-6827 — Gunicorn HTTP Request/Response Smuggling vulnerability

Description

Gunicorn version 21.2.0 does not properly validate the value of the 'Transfer-Encoding' header as specified in the RFC standards, which leads to the default fallback method of 'Content-Length,' making it vulnerable to TE.CL request smuggling. This vulnerability can lead to cache poisoning, data exposure, session manipulation, SSRF, XSS, DoS, data integrity compromise, security bypass, information leakage, and business logic abuse.

How to fix CVE-2024-6827

To remediate CVE-2024-6827, upgrade the affected package to a fixed version below.

—no fix listed
—upgrade to 22.0.0 or later

Is CVE-2024-6827 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

from 0
from 0, < 22.0.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References (8)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2024-6827
ADVISORYsecurity-tracker.debian.org/tracker/CVE-2024-6827
PATCHgithub.com/benoitc/gunicorn
WEBgithub.com/benoitc/gunicorn/issues/3087
WEBgithub.com