{"uuid": "8ad66642-c6cc-437e-9205-54b903846eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-16792", "type": "seen", "source": "https://t.me/cveNotify/383", "content": "\ud83d\udea8 CVE-2019-16792\nWaitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would header fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2020-01-23T01:37:54.000000Z"}