How severe is CVE-2020-5207?

CVE-2020-5207 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2020-5207

Name: ktor
Author: jetbrains

5.4MEDIUM

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.

公開日: 1/27/2020更新日: 11/21/2024

説明

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.

AI分析AIによる分析

影響を受ける製品

jetbrainsktor

参照

https://github.com/ktorio/ktor/pull/1547
PatchThird Party Advisory
https://github.com/ktorio/ktor/security/advisories/GHSA-xrr9-rh8p-433v
Third Party Advisory
https://github.com/ktorio/ktor/pull/1547
PatchThird Party Advisory
https://github.com/ktorio/ktor/security/advisories/GHSA-xrr9-rh8p-433v
Third Party Advisory