CVE-2020-7659
N/A
N/A
Summary
reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as valid which could be leveraged for TE:CL smuggling attacks. Note: This project is deprecated, and is not maintained any more.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | reel | All versions including 0.6.1 | affected |
Weaknesses
- HTTP Request Smuggling
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.