Request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle alone \n as a headers separator.
https://github.com/ktorio/ktor/pull/1547
None except migrating to a better proxy.
https://portswigger.net/web-security/request-smuggling https://tools.ietf.org/html/rfc7230#section-9.5
{ "nvd_published_at": null, "github_reviewed_at": "2020-01-27T19:28:00Z", "severity": "LOW", "github_reviewed": true, "cwe_ids": [ "CWE-444" ] }