CVE-2016-10711
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/01/2018
Last modified:
17/06/2026
Description
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:apsis:pound:*:*:*:*:*:*:*:* | 2.7 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.apsis.ch/pound/pound_list/archive/2016/2016-10/1477235279000
- https://lists.debian.org/debian-lts-announce/2018/02/msg00015.html
- https://lists.debian.org/debian-lts-announce/2020/04/msg00028.html
- https://lists.debian.org/debian-lts-announce/2020/05/msg00003.html
- http://www.apsis.ch/pound/pound_list/archive/2016/2016-10/1477235279000
- https://lists.debian.org/debian-lts-announce/2018/02/msg00015.html
- https://lists.debian.org/debian-lts-announce/2020/04/msg00028.html
- https://lists.debian.org/debian-lts-announce/2020/05/msg00003.html



