How severe is CVE-2020-5207?

CVE-2020-5207 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2020-5207

Name: ktor
Author: jetbrains

5.4MEDIUM

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.

发布于: 1/27/2020更新于: 11/21/2024

描述

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.

AI分析AI驱动

受影响产品

jetbrainsktor

参考资料

https://github.com/ktorio/ktor/pull/1547
PatchThird Party Advisory
https://github.com/ktorio/ktor/security/advisories/GHSA-xrr9-rh8p-433v
Third Party Advisory
https://github.com/ktorio/ktor/pull/1547
PatchThird Party Advisory
https://github.com/ktorio/ktor/security/advisories/GHSA-xrr9-rh8p-433v
Third Party Advisory