CVE-2019-10797

Medium

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled.

snyk·NVD-CWE-Other·Published 2020-02-19

CVSS

6.5

EPSS

0.01

KEV

Exploits

cve.orgen

129 chars

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled.

NVDen

129 chars

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled.

OSV.deven

129 chars

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled.

GHSAen

129 chars

Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Response Splitting due to HTTP Header validation being disabled.

NVDes

166 chars

Netty en WSO2 transport-http versiones anteriores a v6.3.1, es vulnerable a HTTP Response Splitting debido a que una comprobación de Encabezado HTTP es deshabilitada.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
3.1	Primary	NVD	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N