CVE-2022-2466
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in maven/io.quarkus/quarkus-core-parent
Identifiers
GHSA-mwhw-6p27-4crc, CVE-2022-2466
Package Slug
maven/io.quarkus/quarkus-core-parent
Vulnerability
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Description
It was found that Quarkus 2.10.x does not terminate HTTP requests header context which may lead to unpredictable behavior.
Affected Versions
All versions starting from 2.10.0 before 2.10.4
Solution
Upgrade to version 2.10.4 or above.
Last Modified
2022-09-19
| source |