Lucene search
K

2734 matches found

OSV
OSV
added 2020/01/29 9:15 p.m.2 views

UBUNTU-CVE-2019-20444

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."...

9.1CVSS6.9AI score0.08914EPSS
Exploits1References9
Prion
Prion
added 2020/01/29 9:15 p.m.32 views

Design/Logic Flaw

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...

6.4CVSS8.8AI score0.13474EPSS
Exploits1References54Affected Software7
UbuntuCve
UbuntuCve
added 2020/01/29 9:15 p.m.40 views

CVE-2019-20445

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...

9.1CVSS6.8AI score0.13474EPSS
Exploits1References8
Prion
Prion
added 2020/01/29 9:15 p.m.33 views

Design/Logic Flaw

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."...

6.4CVSS8.9AI score0.08914EPSS
Exploits1References66Affected Software6
UbuntuCve
UbuntuCve
added 2020/01/29 9:15 p.m.32 views

CVE-2019-20444

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."...

9.1CVSS6.8AI score0.08914EPSS
Exploits1References8
CVE
CVE
added 2020/01/29 8:33 p.m.392 views

CVE-2019-20444

CVE-2019-20444: Netty HttpObjectDecoder allows a header without a colon, enabling possible HTTP request smuggling/invalid fold. Affected: IBM StreamSets Data Collector 5.0.0–6.4.1 (per IBM bulletin). Root cause: HttpObjectDecoder handling of malformed headers. Remediation (documented): upgrade to...

9.1CVSS9AI score0.08914EPSS
Exploits1References116Affected Software1
Cvelist
Cvelist
added 2020/01/29 8:33 p.m.26 views

CVE-2019-20444

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."...

9.2AI score0.08914EPSS
Exploits1References67
Cvelist
Cvelist
added 2020/01/29 8:33 p.m.29 views

CVE-2019-20445

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...

9.1AI score0.13474EPSS
Exploits1References54
CVE
CVE
added 2020/01/29 8:33 p.m.402 views

CVE-2019-20445

CVE-2019-20445 affects Netty’s HttpObjectDecoder: HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header, enabling HTTP request parsing ambiguities. This can enable request-smuggling-like s...

9.1CVSS8.9AI score0.13474EPSS
Exploits1References54Affected Software1
Debian CVE
Debian CVE
added 2020/01/29 8:33 p.m.30 views

CVE-2019-20445

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header...

9.1CVSS7.1AI score0.13474EPSS
Exploits1
NVD
NVD
added 2020/01/27 5:15 p.m.24 views

CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

7.5CVSS8.6AI score0.03617EPSS
Exploits1References18
OSV
OSV
added 2020/01/27 5:15 p.m.3 views

DEBIAN-CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

7.5CVSS7AI score0.03617EPSS
Exploits1References1
OSV
OSV
added 2020/01/27 5:15 p.m.34 views

CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

7.5CVSS6.9AI score
Exploits0References18
OSV
OSV
added 2020/01/27 5:15 p.m.3 views

UBUNTU-CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

7.5CVSS6.9AI score0.03617EPSS
Exploits1References6
Prion
Prion
added 2020/01/27 5:15 p.m.27 views

Design/Logic Flaw

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

5CVSS8.4AI score0.08415EPSS
Exploits2References18Affected Software4
UbuntuCve
UbuntuCve
added 2020/01/27 5:15 p.m.27 views

CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

7.5CVSS6.9AI score0.03617EPSS
Exploits1References5
Cvelist
Cvelist
added 2020/01/27 4:43 p.m.25 views

CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

8.6AI score0.03617EPSS
Exploits1References18
CVE
CVE
added 2020/01/27 4:43 p.m.330 views

CVE-2020-7238

CVE-2020-7238 affects Netty 4.1.43.Final and allows HTTP Request Smuggling due to mishandling of Transfer-Encoding whitespace and a later Content-Length header, building on an incomplete fix for CVE-2019-16869. Connected documents confirm vendor advisories and multiple distributions reference Net...

7.5CVSS7.8AI score0.03617EPSS
Exploits1References18Affected Software1
Debian CVE
Debian CVE
added 2020/01/27 4:43 p.m.38 views

CVE-2020-7238

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace such as a spaceTransfer-Encoding:chunked line and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869...

7.5CVSS7.4AI score0.03617EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/01/22 12:0 a.m.54 views

RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.6 on RHEL 8 (RHSA-2020:0161)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0161 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS7.1AI score0.10676EPSS
Exploits2References47
Rows per page
Query Builder