gunicorn@19.2.0 vulnerabilities
WSGI HTTP Server for UNIX
-
latest version
23.0.0
-
latest non vulnerable version
-
first published
15 years ago
-
latest version published
3 months ago
-
licenses detected
- [0.7.0,)
Direct Vulnerabilities
Known vulnerabilities in the gunicorn package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
gunicorn is a Python WSGI HTTP Server for UNIX Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to the use of How to fix Improper Check for Unusual or Exceptional Conditions? Upgrade |
[,21.2.0)
|
gunicorn is a Python WSGI HTTP Server for UNIX Affected versions of this package are vulnerable to HTTP Request Smuggling due to the improper validation of Notes:
How to fix HTTP Request Smuggling? Upgrade |
[,22.0.0)
|
gunicorn is a Python WSGI HTTP Server for UNIX Affected versions of this package are vulnerable to Improper Input Validation. Gunicorn fails with a 500, instead of a 400, when a request path is a malformed IPv6 address. This is due to no raise 'InvalidRequestLine' exception when the line contains malicious data. How to fix Improper Input Validation? Upgrade |
[,19.4.0)
|
gunicorn is a Python WSGI HTTP Server for UNIX Affected versions of this package are vulnerable to HTTP Request Smuggling. It fails to properly process the How to fix HTTP Request Smuggling? Upgrade |
[,19.10.0)
[20.0.0,20.0.1)
|
gunicorn is a WSGI HTTP Server for UNIX, fast clients and sleepy applications. Affected versions of this package are vulnerable to HTTP Response Splitting in the How to fix HTTP Response Splitting? Upgrade |
[,19.5.0)
|