GHSA-6wvc-hc5h-7fqv

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

NGINX through 1.18.0 allows an HTTP request smuggling attack that can lead to cache poisoning, credential hijacking, or security bypass.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2020-12440
https://gist.github.com/Glassware123/1023720bf4787375a04f32a0c12e956a
https://nginx.org/en/security_advisories.html

CVE ID

CVE-2020-12440

Связанные уязвимости

CVE-2020-12440

ubuntu

больше 5 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

CVE-2020-12440

nvd

больше 5 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

CVE ID

CVE-2020-12440