CVE-2020-5207

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jetbrains:ktor:*:*:*:*:*:*:*:*

Information

Published : 2020-01-27 12:15

Updated : 2020-02-04 06:41


NVD link : CVE-2020-5207

Mitre link : CVE-2020-5207


JSON object : View

CWE
CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')

Advertisement

dedicated server usa

Products Affected

jetbrains

  • ktor