CVE-2020-7611
Description
All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed to the client.
Risk Information
Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.5
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-7611 are fixed in Micronaut-micronaut-http-client 1.2.11 | Windows |
| Vulnerabilities CVE-2020-7611 are fixed in Micronaut-micronaut-http-client 1.3.2 | Windows |
| Vulnerabilities CVE-2020-7611 are fixed in Micronaut-micronaut-http-client for Linux 1.2.11 | Linux |
| Vulnerabilities CVE-2020-7611 are fixed in Micronaut-micronaut-http-client for Linux 1.3.2 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234