The vulnerability of the Netty network programming framework lies in the creation of temporary files with insecure permissions, allowing attackers to access confidential data.

The vulnerability of the Netty network programming framework lies in the creation of temporary files with insecure permissions. Exploiting this vulnerability can allow an attacker to gain access to confidential data...

The vulnerability of the HttpObjectDecoder.java component of the Netty network programming framework, related to a deficiency in HTTP request interpretation, allows attackers to access confidential data and compromise its integrity.

The vulnerability of the HttpObjectDecoder.java component of the Netty network programming framework is related to a deficiency in HTTP request interpretation. Exploiting this vulnerability can allow an attacker to gain access to confidential data and compromise its integrity...

OESA-2021-1472 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. %package help Summary: Documents for Buildarch: noarch Requires: man info Provides: -javadoc = - Obsoletes: -javadoc - %description help Man pages...

CVE-2021-21290

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's...

netty: HTTP request smuggling

A HTTP smuggling flaw was found in HttpObjectDecoder.java in Netty in versions prior to version 4.1.44. HTTP headers with an invalid fold, in this case CRLF carriage return, line feed without being followed by SP space or HTAB horizontal tab, result in situations where headers can be misread. Dat...

netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header

A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a...

Netty Environment Issues Vulnerabilities

Netty is a non-blocking I/O client-server framework from the Netty community, which is primarily used for developing Java web applications such as protocol servers and clients. There is an environmental issue vulnerability in Netty. The vulnerability stems from an unreasonable environmental facto...

The vulnerability relates to the implementation of the HTTP/2 network protocol on Windows operating systems, nginx servers, network programming tools like netty, Envoy, SwiftNIO, and Node.js software platforms. This allows attackers to induce service failures.

The vulnerability of the HTTP/2 network protocol implementation in Windows operating systems, nginx servers, network programming tools like Netty, Envoy, SwiftNIO, and Node.js software platforms is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a maliciou...

Mallet - A Framework For Creating Proxies

Mallet is a tool for creating proxies for arbitrary protocols, along similar lines to the familiar intercepting web proxies, just more generic. It is built upon the Netty framework, and relies heavily on the Netty pipeline concept, which allows the graphical assembly of graphs of handlers. In the...