Critical severityNVD Advisory· Published Mar 30, 2020· Updated Aug 4, 2024
CVE-2020-7611
CVE-2020-7611
Description
All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed to the client.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.micronaut:micronaut-http-clientMaven | < 1.2.11 | 1.2.11 |
io.micronaut:micronaut-http-clientMaven | >= 1.3.0, < 1.3.2 | 1.3.2 |
Affected products
2- io.micronaut/micronaut-http-clientdescription
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-694p-xrhg-x3wmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-7611ghsaADVISORY
- github.com/micronaut-projects/micronaut-core/commit/6deb60b75517f80c57b42d935f07955c773b766dghsaWEB
- github.com/micronaut-projects/micronaut-core/commit/9d1eff5c8df1d6cda1fe00ef046729b2a6abe7f1ghsax_refsource_MISCWEB
- github.com/micronaut-projects/micronaut-core/commit/bc855e439c4a5ced3d83195bb59d0679cbd95addghsaWEB
- github.com/micronaut-projects/micronaut-core/security/advisories/GHSA-694p-xrhg-x3wmghsax_refsource_MISCWEB
- snyk.io/vuln/SNYK-JAVA-IOMICRONAUT-561342ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.