Lucene search

HTTP request smuggling in Undertow

🗓️ 16 Jun 2021 17:52:47Reported by GitHub Advisory DatabaseType

Undertow flaw allows HTTP request smugglin

Reporter	Title	Published	Views	Family All 108
OSV	HTTP request smuggling in Undertow	16 Jun 202117:47	–	osv
OSV	CVE-2021-20220	23 Feb 202118:15	–	osv
OSV	HTTP Request Smuggling in Undertow	30 Apr 202117:28	–	osv
OSV	CVE-2020-10687	23 Sep 202013:15	–	osv
OSV	RHSA-2021:0874 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update	13 Sep 202422:43	–	osv
OSV	Undertow-core vulnerable to HTTP Request Smuggling	19 Oct 201816:55	–	osv
OSV	RHSA-2021:0873 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update	13 Sep 202422:44	–	osv
OSV	RHSA-2021:0872 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.3.6 security update	13 Sep 202422:43	–	osv
OSV	CVE-2017-7559	10 Jan 201815:29	–	osv
OSV	Undertow vulnerable to Request Smuggling	13 May 202201:36	–	osv

Vulners

Node

io.undertow undertow\-coreRange<2.0.34

io.undertow undertow\-coreRange2.1.0–2.1.6

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-20220
github	www.github.com/undertow-io/undertow/commit/9e797b2f99617fdad0471eaa88c711ee7f44605f
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
security	www.security.netapp.com/advisory/ntap-20220210-0013/
github	www.github.com/advisories/GHSA-qjwc-v72v-fq6r

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Jun 2021 17:47Current

2.9Low risk

Vulners AI Score2.9

CVSS26.4

CVSS36.5

EPSS0.00344

CWE-444