CVE-2025-4366 | THREATINT

Description

A request smuggling vulnerability identified within Pingora’s proxying framework, pingora-proxy, allows malicious HTTP requests to be injected via manipulated request bodies on cache HITs, leading to unauthorized request execution and potential cache poisoning. Fixed in: https://github.com/cloudflare/pingora/commit/fda3317ec822678564d641e7cf1c9b77ee3759ff https://github.com/cloudflare/pingora/commit/fda3317ec822678564d641e7cf1c9b77ee3759ff Impact: The issue could lead to request smuggling in cases where Pingora’s proxying framework, pingora-proxy, is used for caching allowing an attacker to manipulate headers and URLs in subsequent requests made on the same HTTP/1.1 connection.

PUBLISHED Reserved 2025-05-05 | Published 2025-05-22 | Updated 2025-06-18 | Assigner cloudflare

HIGH: 7.4CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N

Problem types

CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

Product status

Default status

unaffected

Any version before 0.5.0

affected

References

github.com/cloudflare/pingora

cve.org (CVE-2025-4366)

nvd.nist.gov (CVE-2025-4366)

Download JSON