Description
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719
https://security.netapp.com/advisory/ntap-20220210-0014/
Related Vulnerabilities
CVE-2022-28220 Vulnerability in maven package org.apache.james:james-server-protocols-managesieve
CVE-2022-45206 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base-core
CVE-2020-25724 Vulnerability in maven package io.quarkus:quarkus-resteasy-reactive-parent-aggregator
CVE-2021-4264 Vulnerability in maven package org.webjars.npm:dustjs-linkedin