{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36062?format=json","vulnerability_id":"VCID-8xbk-3z3r-nkfh","summary":"mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While mitmproxy would only see one request, the target server would see multiple requests. A smuggled request is still captured as part of another request's body, but it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless mitmproxy is used to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 8.0.0 and above. There are currently no known workarounds.","aliases":[{"alias":"CVE-2022-24766"},{"alias":"GHSA-gcx2-gvj7-pxv3"},{"alias":"PYSEC-2022-170"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/27088?format=json","purl":"pkg:pypi/mitmproxy@8.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@8.0.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/11629?format=json","purl":"pkg:pypi/mitmproxy@0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/11630?format=json","purl":"pkg:pypi/mitmproxy@0.8.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.8.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11631?format=json","purl":"pkg:pypi/mitmproxy@0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/11632?format=json","purl":"pkg:pypi/mitmproxy@0.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11633?format=json","purl":"pkg:pypi/mitmproxy@0.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11634?format=json","purl":"pkg:pypi/mitmproxy@0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/11635?format=json","purl":"pkg:pypi/mitmproxy@0.10.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.10.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11636?format=json","purl":"pkg:pypi/mitmproxy@0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/11637?format=json","purl":"pkg:pypi/mitmproxy@0.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11638?format=json","purl":"pkg:pypi/mitmproxy@0.11.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.11.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11639?format=json","purl":"pkg:pypi/mitmproxy@0.11.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.11.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11640?format=json","purl":"pkg:pypi/mitmproxy@0.12.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.12.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11641?format=json","purl":"pkg:pypi/mitmproxy@0.12.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.12.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11642?format=json","purl":"pkg:pypi/mitmproxy@0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/11643?format=json","purl":"pkg:pypi/mitmproxy@0.14.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.14.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11644?format=json","purl":"pkg:pypi/mitmproxy@0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/11645?format=json","purl":"pkg:pypi/mitmproxy@0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.16"},{"url":"http://public2.vulnerablecode.io/api/packages/11646?format=json","purl":"pkg:pypi/mitmproxy@0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.17"},{"url":"http://public2.vulnerablecode.io/api/packages/11647?format=json","purl":"pkg:pypi/mitmproxy@0.18.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.18.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11648?format=json","purl":"pkg:pypi/mitmproxy@0.18.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.18.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11649?format=json","purl":"pkg:pypi/mitmproxy@0.18.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@0.18.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11650?format=json","purl":"pkg:pypi/mitmproxy@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11651?format=json","purl":"pkg:pypi/mitmproxy@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@1.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11652?format=json","purl":"pkg:pypi/mitmproxy@1.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@1.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11653?format=json","purl":"pkg:pypi/mitmproxy@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11654?format=json","purl":"pkg:pypi/mitmproxy@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11655?format=json","purl":"pkg:pypi/mitmproxy@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11656?format=json","purl":"pkg:pypi/mitmproxy@3.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@3.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11657?format=json","purl":"pkg:pypi/mitmproxy@3.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@3.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11658?format=json","purl":"pkg:pypi/mitmproxy@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/11659?format=json","purl":"pkg:pypi/mitmproxy@3.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@3.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11660?format=json","purl":"pkg:pypi/mitmproxy@3.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@3.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/11661?format=json","purl":"pkg:pypi/mitmproxy@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@4.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/11662?format=json","purl":"pkg:pypi/mitmproxy@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@4.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/11663?format=json","purl":"pkg:pypi/mitmproxy@4.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-pddc-5c8v-qqbs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@4.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/11664?format=json","purl":"pkg:pypi/mitmproxy@4.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@4.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/23556?format=json","purl":"pkg:pypi/mitmproxy@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@5.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/23557?format=json","purl":"pkg:pypi/mitmproxy@5.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@5.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/23558?format=json","purl":"pkg:pypi/mitmproxy@5.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@5.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/23559?format=json","purl":"pkg:pypi/mitmproxy@5.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@5.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/23560?format=json","purl":"pkg:pypi/mitmproxy@5.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@5.2"},{"url":"http://public2.vulnerablecode.io/api/packages/23561?format=json","purl":"pkg:pypi/mitmproxy@5.3.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@5.3.0"},{"url":"http://public2.vulnerablecode.io/api/packages/23562?format=json","purl":"pkg:pypi/mitmproxy@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@6.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/23563?format=json","purl":"pkg:pypi/mitmproxy@6.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@6.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/23564?format=json","purl":"pkg:pypi/mitmproxy@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@6.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/23565?format=json","purl":"pkg:pypi/mitmproxy@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@7.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/23566?format=json","purl":"pkg:pypi/mitmproxy@7.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@7.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/23567?format=json","purl":"pkg:pypi/mitmproxy@7.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-f126-n8nd-jfgs"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@7.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/23568?format=json","purl":"pkg:pypi/mitmproxy@7.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@7.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/27087?format=json","purl":"pkg:pypi/mitmproxy@7.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbk-3z3r-nkfh"},{"vulnerability":"VCID-qgvt-wb92-9kbw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mitmproxy@7.0.4"}],"references":[{"reference_url":"https://github.com/mitmproxy/mitmproxy","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mitmproxy/mitmproxy"},{"reference_url":"https://github.com/mitmproxy/mitmproxy/commit/b06fb6d157087d526bd02e7aadbe37c56865c71b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mitmproxy/mitmproxy/commit/b06fb6d157087d526bd02e7aadbe37c56865c71b"},{"reference_url":"https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-gcx2-gvj7-pxv3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-gcx2-gvj7-pxv3"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/mitmproxy/PYSEC-2022-170.yaml","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/mitmproxy/PYSEC-2022-170.yaml"},{"reference_url":"https://mitmproxy.org/posts/releases/mitmproxy8","reference_id":"","reference_type":"","scores":[],"url":"https://mitmproxy.org/posts/releases/mitmproxy8"},{"reference_url":"https://mitmproxy.org/posts/releases/mitmproxy8/","reference_id":"","reference_type":"","scores":[],"url":"https://mitmproxy.org/posts/releases/mitmproxy8/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24766","reference_id":"CVE-2022-24766","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-24766"},{"reference_url":"https://github.com/advisories/GHSA-gcx2-gvj7-pxv3","reference_id":"GHSA-gcx2-gvj7-pxv3","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-gcx2-gvj7-pxv3"}],"weaknesses":[{"cwe_id":444,"name":"Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')","description":"The product acts as an intermediary HTTP agent (such as a proxy or firewall) in the data flow between two entities such as a client and server, but it does not interpret malformed HTTP requests or responses in ways that are consistent with how the messages will be processed by those entities that are at the ultimate destination."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xbk-3z3r-nkfh"}