Description

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

Remediation

References

CVE-2020-10719

Related Vulnerabilities

TYPO3 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-23504)

WordPress Plugin Customer Reviews for WooCommerce Multiple Vulnerabilities (5.3.5)

Joomla! Core Remote Code Execution (1.5.0 - 3.4.5)

WordPress Plugin LeaderBoard Cross-Site Request Forgery (1.1.1)

SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17293)

Severity

Medium

Classification

CVE-2020-10719 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities