CVE-2020-7611

Summary

All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed to the client.

Affected Software

VendorProductVersion RangeStatus
n/aio.micronaut:micronaut-http-clientall versions before 1.2.11affected
n/aio.micronaut:micronaut-http-clientall versions from 1.3.0 before 1.3.2affected

Weaknesses

  • HTTP Request Header Injection

ADP Enrichment

CVE Program Container

Additional References

References