How severe is CVE-2020-5207?

CVE-2020-5207 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2020-5207

Name: ktor
Author: jetbrains

5.4MEDIUM

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.

Publicado: 1/27/2020Actualizado: 11/21/2024

Descripción

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.

Análisis IAImpulsado por IA

Productos Afectados

jetbrainsktor

Referencias

https://github.com/ktorio/ktor/pull/1547
PatchThird Party Advisory
https://github.com/ktorio/ktor/security/advisories/GHSA-xrr9-rh8p-433v
Third Party Advisory
https://github.com/ktorio/ktor/pull/1547
PatchThird Party Advisory
https://github.com/ktorio/ktor/security/advisories/GHSA-xrr9-rh8p-433v
Third Party Advisory