PT-2023-4258 · Unknown+1 · Protocol-Http1+1

Jianjun Chen +1 · Published 2023-07-30 · Updated 2026-03-07 · CVE-2023-38697

CVSS v3.1: 5.8 Medium
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

protocol-http1 versions prior to 0.15.1

Description

The issue is related to the implementation of the HTTP/1 protocol in protocol-http1, specifically with the handling of HTTP requests. The problem arises from the acceptance of non-standard formats for the Content-Length header and chunk size, which can lead to desynchronization when forwarding through multiple HTTP parsers. This can potentially result in HTTP request smuggling and firewall bypassing. The behavior does not follow the corresponding RFCs, which define the format for chunk size, chunk data, and chunk extension. There are no known real-world exploits or practical attacks reported.

Recommendations

For protocol-http1 versions prior to 0.15.1, update to version 0.15.1 or later to fix the issue. As a temporary workaround, consider restricting the use of the Content-Length header and chunk size to standard formats to minimize the risk of exploitation. Avoid using the + prefix and 0x prefix in the Content-Length header and chunk size until the issue is resolved. Restrict access to the vulnerable protocol-http1 module to minimize the risk of exploitation.
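One way to apply the "standard formats only" workaround is to validate both fields against the RFC grammar (Content-Length = 1*DIGIT, chunk-size = 1*HEXDIG) before they reach any parser. The following Ruby sketch is an added example, not code from the advisory or from protocol-http1. All method names are hypothetical, and the lenient readings are Ruby's built-in conversions, used only to illustrate how a permissive parser can accept the + and 0x prefixes.

```ruby
# Added example: strict RFC validation next to a permissive reading.
# Method names are hypothetical; sample values are constructed.

CONTENT_LENGTH = /\A[0-9]+\z/        # RFC 9110: Content-Length = 1*DIGIT
CHUNK_SIZE     = /\A[0-9A-Fa-f]+\z/  # RFC 9112: chunk-size = 1*HEXDIG

# Returns the decimal length, or nil when the value is not 1*DIGIT.
def strict_content_length(value)
  CONTENT_LENGTH.match?(value) ? Integer(value, 10) : nil
end

# Returns the chunk size, or nil when the value is not 1*HEXDIG.
def strict_chunk_size(value)
  CHUNK_SIZE.match?(value) ? Integer(value, 16) : nil
end

# Permissive reading: Kernel#Integer accepts a sign and radix prefixes.
def lenient_content_length(value)
  Integer(value)
rescue ArgumentError
  nil
end

# Permissive reading: String#hex accepts an optional sign and 0x prefix.
def lenient_chunk_size(value)
  value.hex
end

# True when a permissive parser would accept a value the RFC grammar rejects,
# which is the condition that lets two parsers disagree on message framing.
def nonstandard_but_accepted?(kind, value)
  strict  = kind == :content_length ? strict_content_length(value) : strict_chunk_size(value)
  lenient = kind == :content_length ? lenient_content_length(value) : lenient_chunk_size(value)
  strict.nil? && !lenient.nil?
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values for each field.
  { content_length: ["10", "+10", "0x10"], chunk_size: ["1A", "+1A", "0x1A"] }.each do |kind, values|
    values.each do |v|
      verdict = nonstandard_but_accepted?(kind, v) ? "REJECT (non-standard)" : "ok"
      puts format("%-15s %-6s %s", kind, v.inspect, verdict)
    end
  end
end
```

A front end that rejects every value flagged here with a 400 response never forwards a message whose framing the next hop could read differently.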

Exploit

Fix

HTTP Request/Response Smuggling

Weakness Enumeration

Related Identifiers

AZL-27830
BDU:2023-04573
CVE-2023-38697
GHSA-6JWC-QR2Q-7XWJ

Affected Products

Debian
Protocol-Http1