CVE-2020-1935

Description

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.

Risk Information

Base Score: 4.8 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS Score (Exploitation Probability): 1.01

Associated Vulnerability

Vulnerability | OS Platform
GhostCat: Vulnerabilities CVE-2020-1938,CVE-2020-1935,CVE-2019-17569 are fixed in 11 February 2019 Fixed in Apache Tomcat 9.0.31 | Windows
GhostCat: Vulnerabilities CVE-2020-1938,CVE-2020-1935,CVE-2019-17569 are fixed in 11 February 2020 Fixed in Apache Tomcat 8.5.51 | Windows
GhostCat: Vulnerabilities CVE-2020-1938,CVE-2020-1935,CVE-2019-17569 are fixed in 14 February 2020 Fixed in Apache Tomcat 7.0.100 | Windows
Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 7.0.3.0 | Windows
Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 7.0.4.0 | Windows
Vulnerabilities CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat 7.0.100 | Windows
Vulnerabilities CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat 8.5.51 | Windows
Vulnerabilities CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat 9.0.31 | Windows
Vulnerabilities CVE-2020-1938,CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat-embed-core 9.0.31 | Windows
Vulnerabilities CVE-2020-1938,CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat-embed-core 8.5.51 | Windows
Vulnerabilities CVE-2020-1938,CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat-embed-core 7.0.100 | Windows
Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 6.2.7.3 | Windows
Multiple Vulnerabilities are affected in IBM UrbanCode Deploy 6.2.7.4 | Windows
Multiple Vulnerabilities are affected in IBM Tivoli Application Dependency Discovery Manager 7.3.0 | Windows
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-admin-webapps-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-docs-webapp-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-admin-webapps-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-el-3_0-api-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-docs-webapp-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-javadoc-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-el-3_0-api-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-jsp-2_3-api-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-javadoc-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-lib-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-jsp-2_3-api-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-servlet-4_0-api-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-lib-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP4) tomcat-webapps-9.0.31-3.25.1.noarch.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-servlet-4_0-api-9.0.31-3.25.1.noarch_SP5.rpm | Linux
SUSE-SU-2020:0632-1 (SUSE Linux Enterprise Server 12-SP5) tomcat-webapps-9.0.31-3.25.1.noarch_SP5.rpm | Linux
tomcat8 security update (DSA-4673-1) tomcat8_8.5.54-0+deb9u1_all.deb | Linux
tomcat9 security update (DSA-4680-1) tomcat9_9.0.31-1~deb10u1_all.deb | Linux
Servlet and JSP engine (USN-4448-1) tomcat8_8.0.32-1ubuntu1.13_all.deb | Linux
Servlet and JSP engine (USN-4448-1) libtomcat8-java_8.0.32-1ubuntu1.13_all.deb | Linux
(RHSA-2020:5020) tomcat security update tomcat-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-jsvc-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-lib-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpm | Linux
(RHSA-2020:5020) tomcat security update tomcat-webapps-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat update (ELSA-2020-5020) tomcat-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-admin-webapps update (ELSA-2020-5020) tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-docs-webapp update (ELSA-2020-5020) tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-el-2.2-api update (ELSA-2020-5020) tomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-javadoc update (ELSA-2020-5020) tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-jsp-2.2-api update (ELSA-2020-5020) tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-jsvc update (ELSA-2020-5020) tomcat-jsvc-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-lib update (ELSA-2020-5020) tomcat-lib-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-servlet-3.0-api update (ELSA-2020-5020) tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpm | Linux
Tomcat-webapps update (ELSA-2020-5020) tomcat-webapps-7.0.76-16.el7_9.noarch.rpm | Linux
GhostCat: Vulnerabilities CVE-2020-1938,CVE-2020-1935,CVE-2019-17569 are fixed in 11 February 2019 Fixed in Apache Tomcat 9.0.31 (For Linux) | Linux
GhostCat: Vulnerabilities CVE-2020-1938,CVE-2020-1935,CVE-2019-17569 are fixed in 11 February 2020 Fixed in Apache Tomcat 8.5.51 (For Linux) | Linux
GhostCat: Vulnerabilities CVE-2020-1938,CVE-2020-1935,CVE-2019-17569 are fixed in 14 February 2020 Fixed in Apache Tomcat 7.0.100 (For Linux) | Linux
(CESA-2020:5020) tomcat security update tomcat-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-admin-webapps-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-docs-webapp-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-el-2.2-api-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-javadoc-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-jsp-2.2-api-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-jsvc-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-lib-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-servlet-3.0-api-7.0.76-16.el7_9.noarch.rpm | Linux
(CESA-2020:5020) tomcat security update tomcat-webapps-7.0.76-16.el7_9.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) slf4j-1.7.25-4.module+el8.5.0+697+f586bb30.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) velocity-1.7-24.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) xalan-j2-2.7.1-38.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) javassist-3.18.1-8.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) xerces-j2-2.11.0-34.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) javassist-javadoc-3.18.1-8.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) apache-commons-net-3.6-3.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) apache-commons-lang-2.6-21.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) xml-commons-resolver-1.2-26.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) apache-commons-collections-3.2.2-10.module+el8.3.0+53+ea062990.noarch.rpm | Linux
pki-core:10.6 and pki-deps:10.6 security, bug fix, and enhancement update (RLSA-2020:4847) jakarta-commons-httpclient-3.1-28.module+el8.3.0+53+ea062990.noarch.rpm | Linux
Vulnerabilities CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat for Linux 7.0.100 | Linux
Vulnerabilities CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat for Linux 8.5.51 | Linux
Vulnerabilities CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat for Linux 9.0.31 | Linux
Vulnerabilities CVE-2020-1938,CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat-embed-core for Linux 9.0.31 | Linux
Vulnerabilities CVE-2020-1938,CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat-embed-core for Linux 8.5.51 | Linux
Vulnerabilities CVE-2020-1938,CVE-2019-17569,CVE-2020-1935 are fixed in Apache - tomcat-embed-core for Linux 7.0.100 | Linux
Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability (CVE-2020-1935) | NCM

Patch Details

No records found
