Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Very Low


Disclosure Date: May 14, 2020 (last updated May 19, 2020)
** DISPUTED ** NGINX through 1.18.0 allows an HTTP request smuggling attack that can lead to cache poisoning, credential hijacking, or security bypass. NOTE: many third parties dispute the validity of this finding because it represents normal "Connection: keep-alive" behavior.