suse · CVE-2020-10109

Quick triage

Priority: high Published: 2021-05-30 14:38:33 UTC Updated: 2025-05-01 00:52:21 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2020-10109 severity important: SUSE including 7 source package names (matrix-synapse-1.43.0-1.1, python-Twisted, …), 30 product×package rows across 28 product lines (HPE Helion OpenStack 8, Image SLES15-SP3-BYOS-Azure, … (28 product lines)): Fixed 29, Known Not Affected 1.

Description:

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.

cvelogic Threat Intelligence