HTTP Request Header Injection Vulnerability in Micronaut HTTP Client

HTTP Request Header Injection Vulnerability in Micronaut HTTP Client

CVE-2020-7611 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed to the client.

Learn more about our Web Application Penetration Testing UK.