Skip to main content

CVE-2020-1935 - HTTP Request Smuggling - incorrect header parsing

Severity

4.8

In Apache TomEE versions 8.0.0-M1 to 8.0.1, 7.1.0 to 7.1.2 and 7.0.0-M1 to 7.0.7 and Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.

Project

Apache Tomcat & Apache TomEE

Versions affected

Apache Tomcat

Tomcat 6.x
All
Get a Patch
Tomcat 7.x
7.0.0 to 7.0.99
Tomcat 8.0.x
All
Get a Patch
Tomcat 8.5.x
8.5.0 to 8.5.50
Tomcat 9.x
9.0.0.M1 to 9.0.0.30

Apache TomEE

TomEE 1.7.x
All
TomEE 7.0.x
7.0.0-M1 to 7.0.7
TomEE 7.1.x
7.1.0 to 7.1.2
TomEE 8.0.x
8.0.0-M1 to 8.0.1
Feel Vulnerable? 

Contact us so we can help you.

* These fields are required.