Description

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

Remediation

References

CVE-2020-10719

Related Vulnerabilities

MySQL CVE-2013-2376 Vulnerability (CVE-2013-2376)

Nginx Use After Free Vulnerability (CVE-2022-31307)

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3759)

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4226)

Ruby on Rails Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-3186)

Severity

Medium

Classification

CVE-2020-10719 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities