Tag
request-smuggling
Safeguard articles tagged "request-smuggling" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Security
CVE-2023-46589: The Tomcat Request Smuggling Flaw, Explained
CVE-2023-46589 lets an attacker smuggle HTTP requests past a reverse proxy by abusing malformed trailer headers in Apache Tomcat. Here is how it works and which versions to run.
Sep 30, 20256 min read
Vulnerability Analysis
SAP ICM CVE-2022-22536: ICMAD Vulnerabilities Hit the Heart of Enterprise Software
CVE-2022-22536 scored a perfect CVSS 10.0, allowing unauthenticated request smuggling in SAP's Internet Communication Manager. Tens of thousands of SAP systems were at risk.
Feb 8, 20226 min read