CVE-2020-7611: Micronaut's HTTP client is vulnerable to HTTP Request Header Injection

Severity: Critical

CVSS Score: 9.8

All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed to the client.