HTTP Request Smuggling in Talend/component-runtime (master)
- Vulnerability: HTTP Request Smuggling
- Severity: Medium
- Project: Talend/component-runtime
- Branch: master
- Scan Date: Unknown
Tomcat Coyote is vulnerable to http request smuggling. The vulnerability exists in the `parseHeader` function of `Http11InputBuffer.java` because tomcat doesn't properly reject the requests containing invalid Content-Length headers which allows an attacker to smuggle HTTP requests.