Lucene search
GoogleOSV:GHSA-5GG7-5WV8-4GCJHistoryMay 13, 2022 - 1:38 a.m.
Undertow Request Smuggling vulnerability
2022-05-1301:38:14
Google
osv.dev
30
undertow
request smuggling
vulnerability
http request headers
unusual whitespaces
EPSS
0.005
Percentile
75.6%
It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.
References
bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165
github.com/undertow-io/undertow
github.com/undertow-io/undertow/commit/1e72647818c9fb31b693a953b1ae595a6c82eb7f
github.com/undertow-io/undertow/commit/5b008b7ac312c6cdb76679ff58c43620bb79d44f
github.com/undertow-io/undertow/commit/691440ee58259fba76711b60d56dde6679808bdc
issues.redhat.com/browse/UNDERTOW-1251
nvd.nist.gov/vuln/detail/CVE-2017-12165
Related
redhatcve
redhatcve
CVE-2017-12165
2019-11-05 22:21:40
debiancve
debiancve
CVE-2017-12165
2018-07-27 15:29:00
ubuntucve
ubuntucve
CVE-2017-12165
2018-07-27 00:00:00
cvelist
cvelist
CVE-2017-12165
2018-07-27 15:00:00
cve
cve
CVE-2017-12165
2018-07-27 15:29:00
veracode
veracode
HTTP Smuggling
2018-07-30 08:56:55
nvd
nvd
CVE-2017-12165
2018-07-27 15:29:00
osv
osv
CVE-2017-12165
2018-07-27 15:29:00
github
github
Undertow Request Smuggling vulnerability
2022-05-13 01:38:14
prion
prion
Design/Logic Flaw
2018-07-27 15:29:00
redhat
redhat
nessus
nessus