Description

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

Remediation

References

CVE-2020-10719

Related Vulnerabilities

WordPress Plugin WordPress File Upload Arbitrary File Upload (3.4.0)

PHP Use of Externally-Controlled Format String Vulnerability (CVE-2006-0200)

Apache HTTP Server Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-0220)

Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427)

MySQL CVE-2022-21374 Vulnerability (CVE-2022-21374)

Severity

Medium

Classification

CVE-2020-10719 CWE-444 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities