CVE-2020-10719: Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling)

May 26, 2020 (updated May 29, 2020)

A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling.

References

bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10719
nvd.nist.gov/vuln/detail/CVE-2020-10719

Detect and mitigate CVE-2020-10719 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →