It exists that Undertow prior to 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat undertow 2.0.0 |
||
redhat undertow |
||
redhat jboss enterprise application platform 7.1.0 |
||
redhat jboss enterprise application platform 7.0.0 |