Skip to content

Commit

Permalink
Merge branch 'docs-vulnerabilities' into 'main'
Browse files Browse the repository at this point in the history 
Update information about Gunicorn fix

See merge request reportcreator/reportcreator!520
  • Loading branch information
@aronmolnar
aronmolnar committed Apr 17, 2024
2 parents d09f23e + 6c0c93a commit 31f4552
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions docs/docs/insights/vulnerabilities.md
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# HTTP Request Smuggling in non-recommended configurations (CVE-2024-1135)
## HTTP Request Smuggling in non-recommended configurations (CVE-2024-1135)

**CVSSv3.1:** High (7.8; CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
**Unpatched** as of 16 April 2024
**Fixed in 2024.29** (on 17 April 2024)
**Workaround:** Use a reverse proxy (like [Caddy](/setup/webserver/#caddy-recommended) or [nginx](/setup/webserver/#nginx)).

If you don't use a reverse proxy (like Caddy or nginx) for SysReptor and expose the SysReptor port (TCP 8000 by default) directly, you are probably vulnerable to HTTP Request Smuggling attacks.
Expand Down

0 comments on commit 31f4552

Please sign in to comment.