Description

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

Remediation

References

CVE-2020-10719

Related Vulnerabilities

Oracle HTTP Server Other Vulnerability (CVE-1999-1068)

WordPress Plugin Form Builder CP Cross-Site Scripting (1.2.14)

WordPress Plugin Flight Search Widget and Blocks Cross-Site Scripting (1.1.0)

WordPress Plugin Video Conferencing with Zoom Cross-Site Scripting (4.0.9)

WordPress Plugin Photospace Gallery Cross-Site Scripting (2.3.5)

Severity

Medium

Classification

CVE-2020-10719 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities