6 matches found
UBUNTU-CVE-2026-42578
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...
CVE-2026-42578
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...
Netty has HTTP Header Injection via HttpProxyHandler Disabled Validation (Incomplete Fix CVE-2025-67735)
Security Vulnerability Report: HTTP Header Injection via HttpProxyHandler Disabled Validation in Netty 1. Vulnerability Summary | Field | Value | |-------|-------| | Product | Netty | | Version | 4.2.12.Final and all prior versions | | Component | io.netty.handler.proxy.HttpProxyHandler | |...
GHSA-45Q3-82M4-75JR Netty has HTTP Header Injection via HttpProxyHandler Disabled Validation (Incomplete Fix CVE-2025-67735)
Security Vulnerability Report: HTTP Header Injection via HttpProxyHandler Disabled Validation in Netty 1. Vulnerability Summary | Field | Value | |-------|-------| | Product | Netty | | Version | 4.2.12.Final and all prior versions | | Component | io.netty.handler.proxy.HttpProxyHandler | |...
CVE-2026-32854
LibVNCServer versions 0.9.15 and prior fixed in commit dc78dee contain null pointer dereference vulnerabilities in the HTTP proxy handlers within httpProcessInput in httpd.c that allow remote attackers to cause a denial of service by sending specially crafted HTTP requests. Attackers can exploit...
LibVNCServer 代码问题漏洞
LibVNCServer is a cross-platform C language library that enables the implementation of VNC Virtual Network Computing server or client functions in programs. Versions of LibVNCServer prior to 0.9.15 have code vulnerabilities due to a null pointer dereferencing issue in the HTTP proxy handler, whic...