
CVE

GHSA-86wm-rrjm-8wh8

Buffer not correctly recycled in Gzip Request inflation

Impact

If GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its own body.

The attacker will not see any data, but may inject data into the body of the subsequent request.

CVSS score is 4.8 (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).

Workarounds

The problem can be worked around by any of the following:

  • Disabling compressed request body inflation by GzipHandler.
  • Always fully consuming the request content before sending a response.
  • Adding a Connection: close header to any response where the servlet does not fully consume the request content.
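As an added illustration of the second and third workarounds (this is not code from the advisory or from Jetty), a servlet Filter that drains whatever request body the servlet left unread after dispatch, and falls back to a Connection: close header when draining is cut short before the response is committed. It assumes the javax.servlet 3.1 API that Jetty 9.4 uses and a hypothetical 1 MiB drain cap; it covers synchronous requests only.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

// Runs after the servlet has handled a (synchronous) request. Any request
// body the servlet did not read is consumed here, so inflated content is
// not left behind to be prepended to the next request on the connection.
public class DrainRequestBodyFilter implements Filter {
    // Hypothetical policy: spend at most 1 MiB draining a body the
    // application never wanted; beyond that, give up and close the connection.
    private static final long MAX_DRAIN_BYTES = 1L << 20;

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
            throws IOException, ServletException {
        try {
            chain.doFilter(req, resp);
        } finally {
            boolean fullyConsumed;
            try {
                ServletInputStream in = req.getInputStream();
                fullyConsumed = in.isFinished() || drainToEnd(in, MAX_DRAIN_BYTES);
            } catch (IllegalStateException e) {
                // The servlet used getReader(); the byte stream cannot be drained here.
                fullyConsumed = false;
            }
            if (!fullyConsumed && resp instanceof HttpServletResponse
                    && !resp.isCommitted()) {
                // Workaround 3: never reuse this connection for another request.
                ((HttpServletResponse) resp).setHeader("Connection", "close");
            }
        }
    }

    // Reads and discards up to 'limit' bytes; true only if EOF was reached within the limit.
    static boolean drainToEnd(ServletInputStream in, long limit) throws IOException {
        byte[] buf = new byte[8192];
        long total = 0;
        while (total < limit) {
            int n = in.read(buf, 0, (int) Math.min(buf.length, limit - total));
            if (n < 0) return true;
            total += n;
        }
        return false;
    }
}
```

Register the filter ahead of the application's servlets; if the response was already committed and the body could not be drained, the only remaining option is the first workaround, disabling inflation in GzipHandler.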




Basic Information

Ecosystem:
Base CVSS: 4.8
EPSS Probability: 0.00599%
EPSS Percentile: 0.68671%
Introduced Version: 7.0.0.M0
Fix Available: 9.4.35.v20201120
