描述
It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.
AI分析AI驱动
受影响产品
redhatundertow
redhatundertow
redhatundertow
2.0.0
redhatjboss_enterprise_application_platform
7.0.0
redhatjboss_enterprise_application_platform
7.1.0
参考资料
- https://access.redhat.com/errata/RHSA-2017:3454Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3455Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3456Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3458Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0002Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0003Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0004Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0005Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:1322Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165Issue TrackingVendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3454Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3455Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3456Vendor Advisory
- https://access.redhat.com/errata/RHSA-2017:3458Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0002Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0003Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0004Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:0005Vendor Advisory
- https://access.redhat.com/errata/RHSA-2018:1322Vendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165Issue TrackingVendor Advisory