Fluid Attacks Database

Description

Mitmweb in mitmproxy allows DNS Rebinding attacks mitmweb in mitmproxy before v4.0.4 allows DNS Rebinding attacks, related to tools/web/app.py.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	mitmproxy	=0.10-1 \|\| =0.10-2 \|\| =0.10.1-1 \|\| =0.10.1-2 \|\| =0.11.3-1 \|\| =0.11.3-2 \|\| =0.11.3-3 \|\| =0.12.1-1 \|\| =0.12.1-2 \|\| =0.13-1 \|\| =0.15-1 \|\| =0.15-2 \|\| =0.18.1-1 \|\| =0.18.1-2 \|\| =0.18.2-1 \|\| =0.18.2-2 \|\| =0.18.2-3 \|\| =0.18.2-4 \|\| =0.18.2-5 \|\| =0.18.2-6 \|\| =0.6-1 \|\| =0.6-2 \|\| =0.6-3 \|\| =0.7-1 \|\| =0.8-1 \|\| =0.8-2 \|\| =0.9.1-1 \|\| =0.9.1-2 \|\| =0.9.2-1 \|\| =0.9.2-2 \|\| =2.0.2-1 \|\| =2.0.2-2 \|\| =2.0.2-3 \|\| =2.0.2-4 \|\| =3.0.3-1 \|\| >=0 <3.0.4-1	3.0.4-1
debian 11	mitmproxy	>=0 <3.0.4-1	3.0.4-1
pypi	mitmproxy	>=0 <4.0.4	4.0.4
debian 12	mitmproxy	>=0 <3.0.4-1	3.0.4-1

Aliases

References

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.