Description
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719
https://security.netapp.com/advisory/ntap-20220210-0014/
Related Vulnerabilities
CVE-2016-2166 Vulnerability in maven package org.apache.qpid:proton-j
CVE-2022-43407 Vulnerability in maven package org.jenkins-ci.plugins:pipeline-input-step
CVE-2020-2199 Vulnerability in maven package org.jenkins-ci.plugins:subversion
CVE-2021-46089 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-base-core
CVE-2021-21697 Vulnerability in maven package org.jenkins-ci.main:jenkins-core