gevent is vulnerable to HTTP Request/Response Smuggling
55
Medium Risk
Affected versions are vulnerable to HTTP request smuggling when using the gevent_wsgi or gevent_pywsgi worker classes. The issue stems from gevent's PyWSGIHandler, where the Expect: 100-continue header causes the server to retain extra bytes in the socket buffer. Those bytes are then interpreted as a new HTTP request, even though they were forwarded as part of an earlier one. This allows an attacker to smuggle unauthorized requests, such as reaching /admin while only /api is exposed through a reverse proxy. The vulnerability can lead to serious security issues such as cache poisoning, data exposure, session hijacking, SSRF, cross-site scripting, and other impacts typical of HTTP request smuggling attacks.
You are affected if you are using a version that falls within the vulnerable range.
gevent is vulnerable to HTTP Request/Response Smuggling in versions 1.0.0 - 25.4.0.
Upgrade the gevent library to a patched version.
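As an added check (not code from the advisory or from gevent itself), a small Python guard that flags a gevent pin falling inside the affected range stated above. The sample lockfile is constructed, and a version above 25.4.0 is only reported as outside the stated range, not as confirmed fixed.

```python
"""Guard: flag gevent pins inside the affected range quoted by the advisory."""
import re
from typing import Optional, Tuple

# Inclusive affected range stated by the advisory (versions 1.0.0 - 25.4.0).
AFFECTED_MIN = (1, 0, 0)
AFFECTED_MAX = (25, 4, 0)


def parse_version(text: str) -> Tuple[int, ...]:
    """'25.4.0', '25.4' or '25.4.0.dev1' -> (25, 4, 0).

    Only leading numeric components are kept; pre-release and local
    suffixes are dropped, and missing components are padded with 0.
    """
    parts = []
    for piece in text.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_affected(version: str) -> bool:
    """True when the version lies inside the advisory's inclusive range."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX


def pinned_gevent_version(requirements: str) -> Optional[str]:
    """Return the '==' pin for gevent from requirements/pip-freeze text."""
    for line in requirements.splitlines():
        line = line.split("#", 1)[0].strip()  # drop trailing comments
        m = re.match(r"gevent\s*==\s*([\w.+-]+)", line, re.IGNORECASE)
        if m:
            return m.group(1)
    return None


def audit_requirements(requirements: str) -> Optional[bool]:
    """None if gevent is not pinned, else whether the pin is affected."""
    pin = pinned_gevent_version(requirements)
    return None if pin is None else is_affected(pin)


# Constructed sample lockfile (not taken from any real project).
SAMPLE_LOCK = "flask==3.0.0\ngevent==24.2.1  # worker_class = gevent\n"
```

Run audit_requirements over each lockfile in CI; a True result means the pinned gevent is within the range this advisory lists.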