CVE-2017-12165

Name of the Vulnerable Software and Affected Versions Undertow versions prior to 1.4.17 Undertow versions prior to 1.3.31 Undertow versions prior to 2.0.0

Description It was discovered that Undertow processes HTTP request headers with unusual whitespaces, which can cause possible HTTP request smuggling.

Recommendations For versions prior to 1.4.17, update to version 1.4.17 or later. For versions prior to 1.3.31, update to version 1.3.31 or later. For versions prior to 2.0.0, update to version 2.0.0 or later.