CVE-2024-1135 Information

Description

Gunicorn fails to properly validate Transfer-Encoding headers leading to HTTP Request Smuggling (HRS) vulnerabilities. By crafting requests with conflicting Transfer-Encoding headers attackers can bypass security restrictions and access restricted endpoints. This issue is due to Gunicorn’s handling of Transfer-Encoding headers where it incorrectly processes requests with multiple conflicting Transfer-Encoding headers treating them as chunked regardless of the final encoding specified. This vulnerability allows for a range of attacks including cache poisoning session manipulation and data exposure.

Reference

https://huntr.com/bounties/22158e34-cfd5-41ad-97e0-a780773d96c1