{"id":"CVE-2017-12165","details":"It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.","aliases":["GHSA-5gg7-5wv8-4gcj"],"modified":"2026-05-15T12:03:02.227500892Z","published":"2018-07-27T15:29:00.237Z","database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*"],"vendor_product":"redhat:jboss_enterprise_application_platform","source":"CPE_FIELD","extracted_events":[{"last_affected":"7.0.0"},{"last_affected":"7.1.0"}]},{"cpes":["cpe:2.3:a:redhat:undertow:2.0.0:alpha_1:*:*:*:*:*:*"],"vendor_product":"redhat:undertow","source":"CPE_FIELD","extracted_events":[{"last_affected":"2.0.0-alpha_1"}]}]},"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3454"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3455"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3456"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:3458"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0002"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0003"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0004"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:0005"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1322"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12165"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}