A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.
MEDIUM Vulnerable Package issue exists @ io.undertow:undertow-core in branch refs/heads/master
Description
A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.
MEDIUM Vulnerable Package issue exists @ io.undertow:undertow-core in branch refs/heads/master
Vulnerability ID: CVE-2020-10719
Package Name: io.undertow:undertow-core
Severity: MEDIUM
CVSS Score: 6.5
Publish Date: 2020-05-26T16:15:00
Current Package Version: 2.0.9.Final
Remediation Upgrade Recommendation: 2.0.35.Final
Link To SCA
Reference – NVD link