Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/04 11:37 p.m.8 views

io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass...

7.5CVSS7.2AI score0.0064EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2026/04/14 5:20 p.m.5 views

io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass...

7.5CVSS5.8AI score0.0064EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2026/03/27 11:27 p.m.3 views

CVE-2026-33870

A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass...

7.5CVSS5.8AI score0.0064EPSS
Exploits1References7
CVE
CVE
added 2026/03/27 7:54 p.m.624 views

CVE-2026-33870

Netty HTTP request smuggling vulnerability (CVE-2026-33870) arises from how Netty versions prior to 4.1.132.Final and 4.2.10.Final parse quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. The IBM and OSS/Ecosystem advisories in the connected...

7.5CVSS5.8AI score0.0064EPSS
Exploits1References23Affected Software1
Rows per page
Query Builder