What is CVE-2020-1935?

CVE-2020-1935 is a vulnerability in Apache Tomcat. Published 2020-02-24.

Is CVE-2020-1935 known to be exploited?

8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Tomcat

CVE-2020-1935

In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP R…

EPSS: 0.014 (80.7th percentile) — read the EPSS interpretation.

Affected products

Apache Tomcat — versions Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50, 7.0.0 to 7.0.99

Public proof-of-concept exploits

References

[tomcat-announce] 20200224 [SECURITY] CVE-2020-1935 HTTP Request Smuggling (mailing-list, x_refsource_MLIST)
[debian-lts-announce] 20200304 [SECURITY] [DLA 2133-1] tomcat7 security update (mailing-list, x_refsource_MLIST)
openSUSE-SU-2020:0345 (vendor-advisory, x_refsource_SUSE)
[tomee-commits] 20200320 [jira] [Created] (TOMEE-2790) TomEE plus(7.0.7) is affected by CVE-2020-1935 & CVE-2019-17569 vulnerabilities (mailing-list, x_refsource_MLIST)
[tomee-commits] 20200323 [jira] [Commented] (TOMEE-2790) TomEE plus(7.0.7) is affected by CVE-2020-1935 & CVE-2019-17569 vulnerabilities (mailing-list, x_refsource_MLIST)
DSA-4673 (vendor-advisory, x_refsource_DEBIAN)
DSA-4680 (vendor-advisory, x_refsource_DEBIAN)
[debian-lts-announce] 20200528 [SECURITY] [DLA 2209-1] tomcat8 security update (mailing-list, x_refsource_MLIST)
www.oracle.com/security-alerts/cpujul2020.html (x_refsource_MISC)
security.netapp.com/advisory/ntap-20200327-0005/ (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2020-1935?: CVE-2020-1935 is a vulnerability in Apache Tomcat. Published 2020-02-24.
Is CVE-2020-1935 known to be exploited?: 8 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.