Description

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

Remediation

References

CVE-2020-10719

Related Vulnerabilities

WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Scripting (1.4)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3056)

WordPress Plugin BuddyPress Customer.io Analytics Integration Cross-Site Request Forgery (1.1.6)

Oracle JRE CVE-2013-0433 Vulnerability (CVE-2013-0433)

WordPress Plugin N-Media Website Contact Form with File Upload Arbitrary File Upload (1.3.4)

Severity

Medium

Classification

CVE-2020-10719 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities