Description

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

Remediation

References

CVE-2020-10719

Related Vulnerabilities

Plone CMS Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-32633)

Artifactory Insufficiently Protected Credentials Vulnerability (CVE-2020-2164)

phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-8961)

WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2)

WebLogic CVE-2024-21181 Vulnerability (CVE-2024-21181)

Severity

Medium

Classification

CVE-2020-10719 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities