PT-2024-5615 · Gunicorn+3 · Unicorn+3

Published

2024-03-19

Updated

2026-06-03

CVE-2024-6827

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions gunicorn (affected versions not specified)

Description The issue is related to the gunicorn WSGI server's handling of HTTP requests, which can be exploited by a remote attacker to bypass existing security restrictions and perform an HTTP request smuggling attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

HTTP Request/Response Smuggling

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-444

Related Identifiers

BDU:2024-06308

CVE-2024-6827

GHSA-HC5X-X2VX-497G

OPENSUSE-SU-2025_1008-1

SUSE-SU-2025:1002-1

SUSE-SU-2025:1008-1

SUSE-SU-2025_1002-1

SUSE-SU-2025_1008-1

Affected Products

Debian

Red Os

Suse

Unicorn

PT-2024-5615 · Gunicorn+3 · Unicorn+3

CVE-2024-6827

Weakness Enumeration

Related Identifiers

Affected Products

References · 28