CVE-2020-1935 (Medium) detected in tomcat-embed-core-8.0.53.jar

[mend-for-github-com]

CVE-2020-1935 - Medium Severity Vulnerability

Vulnerable Library - tomcat-embed-core-8.0.53.jar

Core Tomcat implementation

Library home page: https://tomcat.apache.org/

Path to dependency file: TimeBase/java/quantserver/web/build.gradle

Path to vulnerable library: canner/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/8.0.53/9bfd668c63434597ac1d561c9434c166d93fff21/tomcat-embed-core-8.0.53.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.tomcat.embed/tomcat-embed-core/8.0.53/9bfd668c63434597ac1d561c9434c166d93fff21/tomcat-embed-core-8.0.53.jar

Dependency Hierarchy:

• ❌ tomcat-embed-core-8.0.53.jar (Vulnerable Library)

Found in HEAD commit: 98f6880b361c00a247f77e79a787646e9664cadd

Found in base branch: main

Vulnerability Details

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.

Publish Date: 2020-02-24

URL: CVE-2020-1935

CVSS 3 Score Details (4.8)

Base Score Metrics:

• Exploitability Metrics:
  • Attack Vector: Network
  • Attack Complexity: High
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged
• Impact Metrics:
  • Confidentiality Impact: Low
  • Integrity Impact: Low
  • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-6v7p-v754-j89v

Release Date: 2020-02-24

Fix Resolution: org.apache.tomcat.embed:tomcat-embed-core:7.0.100,8.5.51,9.0.31;org.apache.tomcat:tomcat-coyote:7.0.100,8.5.51,9.0.31