Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
7DescriptionCVE.org
Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers.
'Elixir.Bandit.Headers':get_content_length/1 in lib/bandit/headers.ex uses List.keyfind/3, which returns only the first matching header. When a request contains two Content-Length headers with different values, Bandit silently accepts it, uses the first value to read the body, and dispatches the remaining bytes as a second pipelined request on the same keep-alive connection. RFC 9112 §6.3 requires recipients to treat this as an unrecoverable framing error.
When Bandit sits behind a proxy that picks the last Content-Length value and forwards the request rather than rejecting it, an unauthenticated attacker can smuggle requests past edge WAF rules, path-based ACLs, rate limiting, and audit logging.
This issue affects bandit: before 1.11.0.
AnalysisAI
HTTP request smuggling in mtrudel bandit before version 1.11.0 allows unauthenticated attackers to bypass edge security controls when the application sits behind a proxy that interprets duplicate Content-Length headers differently. The vulnerability stems from Bandit accepting only the first Content-Length header while proxies may use the last value, causing request framing desynchronization that enables smuggling past WAF rules, path-based ACLs, rate limiting, and audit logging. CVSS 6.3 (AV:N/AC:L/AT:P) indicates network-accessible exploitation with some attack timing complexity; no public exploit code or active KEV listing identified at analysis time, but RFC 9112 non-compliance creates a known attack pattern.
Technical ContextAI
The vulnerability exists in Bandit's HTTP/1.1 header parsing logic, specifically in 'Elixir.Bandit.Headers':get_content_length/1 within lib/bandit/headers.ex. The Elixir function List.keyfind/3 returns only the first matching header when multiple Content-Length headers exist in an HTTP request, violating RFC 9112 Section 6.3 which mandates rejection of duplicate Content-Length headers as unrecoverable framing errors. When Bandit operates behind a reverse proxy (common in edge deployments), the proxy may normalize the request by selecting the last Content-Length value and forwarding it, while Bandit reads the body based on the first value. This creates a desynchronized framing state: bytes intended for the second request (as interpreted by Bandit's logic) remain in the keep-alive connection buffer and are processed as a separate pipelined HTTP request, bypassing upstream security controls that evaluated the original request. The attack leverages inconsistent HTTP semantics interpretation between two network hops - a classic request smuggling vulnerability (CWE-444).
RemediationAI
Vendor-released patch: bandit 1.11.0 or later. The upstream fix modifies get_content_length/1 to reject all requests with multiple Content-Length headers (even if values are identical) by returning an error, causing Bandit to return HTTP 400 Bad Request per RFC 9112 Section 6.3. Deploy bandit 1.11.0+ immediately in all environments. For organizations unable to upgrade immediately, implement the following compensating controls: (1) Disable HTTP keep-alive on the reverse proxy layer by setting 'Connection: close' in responses, preventing pipelined request exploitation on the same connection (trade-off: increased connection overhead); (2) Configure the upstream proxy to reject requests with multiple Content-Length headers before forwarding to Bandit, e.g., using nginx 'if ($http_content_length_count > 1)' validation or equivalent WAF rules (trade-off: must maintain proxy ruleset in sync with Bandit releases); (3) Run Bandit behind a strict rate-limiting and request inspection layer that treats request smuggling attempts as attack signals (trade-off: adds operational complexity). Patch availability confirmed via GitHub commit f2ca636eb6df385219957e8934e9fc6efa1630d1.
Same weakness CWE-444 – HTTP Request/Response Smuggling
View allSame technique Request Smuggling
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26712
GHSA-c67r-gc9j-2qf7