Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-33452

An issue in OpenResty lua-nginx-module v.0.10.26 and before allows a remote attacker to conduct HTTP request smuggling via a crafted HEAD request.

Published

2025-04-22T16:15:44.200

Last Modified

2025-06-23T18:20:26.140

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.7 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-444
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application openresty lua-nginx-module ≤ 0.10.26 Yes
References