Name | CVE-2020-10108 |
Description | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. |
Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
References | DLA-2145-1, DLA-2927-1 |
Debian Bugs | 953950 |
The table below lists information on source packages.
The information below is based on the following data on fixed versions.