Lucene search
K

50 matches found

Chainguard
Chainguard
added 2025/03/24 10:12 p.m.25 views

CVE-2019-20445 vulnerabilities

Vulnerabilities for packages: hadoop-fips...

9.1CVSS7.5AI score0.13474EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:6 p.m.41 views

Security Bulletin: Vulnerabilities in Netty affect IBM watsonx.data

Summary Netty is vulnerable to HTTP request smuggling and weaker than expected security. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a...

9.1CVSS9.1AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/03 8:5 p.m.31 views

Security Bulletin: Vulnerabilities in Netty affect watsonx.data

Summary Netty is vulnerable to HTTP request smuggling, to remote attacks causing weaker than expected security, and to denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw...

9.1CVSS8.5AI score0.13474EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/26 12:0 a.m.38 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.7 on RHEL 7 (RHSA-2024:5856)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5856 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8.4AI score0.87806EPSS
Exploits17References47
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/03 5:3 p.m.63 views

Security Bulletin: Netty Vulnerabilites 4.0.37

Summary Netty could provide various potential exploitable entry points including weaker than expected security, netty-codec is vulnerable to a denial of service, and HTTP request smuggling Vulnerability Details CVEID:CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, cause...

9.1CVSS8.2AI score0.18891EPSS
Exploits5Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.57 views

RHEL 6 / 7 / 8 : AMQ Clients 2.6.0 Release (Important) (RHSA-2020:0601)

The remote Redhat Enterprise Linux 6 / 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0601 advisory. Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Brok...

9.1CVSS7.2AI score0.13474EPSS
Exploits3References26
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 12:30 p.m.49 views

Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities

Summary IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a...

9.1CVSS0.6AI score0.13474EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/05 9:5 p.m.47 views

Security Bulletin: Netty Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities. Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote...

9.1CVSS0.7AI score0.18891EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/04/06 12:0 a.m.239 views

Debian DSA-4885-1 : netty - security update

Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

9.1CVSS6.4AI score0.18891EPSS
Exploits4References10
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/13 4:29 p.m.47 views

Security Bulletin: IBM MaaS360 Mobile Enterprise Gateway has security vulnerabilities (CVE-2019-2044, CVE-2019-2045)

Summary Two vulnerabilities were identified and remediated in the IBM MaaS360 Mobile Enterprise Gateway. Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the...

10CVSS1.3AI score0.13474EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2020/10/28 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-4600-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.6AI score0.13474EPSS
Exploits4References2
OSV
OSV
added 2020/10/27 1:40 p.m.5 views

USN-4600-2 netty vulnerabilities

USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it was discovered that Netty allow for unbounded memory allocation. A remote attacker could send a large stream to the Netty server causing it to...

9.1CVSS6.9AI score0.13474EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/10/27 12:0 a.m.49 views

Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4600-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4600-2 advisory. USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it...

9.1CVSS7.1AI score0.13474EPSS
Exploits2References4
Ubuntu
Ubuntu
added 2020/10/22 6:26 p.m.101 views

USN-4600-1: Netty vulnerabilities

It was discovered that Netty had HTTP request smuggling vulnerabilities. A remote attacker could used it to extract sensitive information. CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238...

9.1CVSS7AI score0.13474EPSS
Exploits4
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/09 7:48 p.m.25 views

Security Bulletin: IBM Security Guardium Insights is affected by a Netty vulnerability

Summary IBM Security Guardium Insights has addressed the following vulnerability Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remot...

9.1CVSS0.6AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/27 5:34 p.m.53 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Netty (CVE-2019-20445, CVE-2019-20444)

Summary Security vulnerabilities affect IBM Cloud Private Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploi...

9.1CVSS0.4AI score0.13474EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/09/23 12:0 a.m.43 views

Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4532-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4532-1 advisory. It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker coul...

9.1CVSS7.2AI score0.13474EPSS
Exploits3References4
Ubuntu
Ubuntu
added 2020/09/22 4:15 p.m.91 views

USN-4532-1: Netty vulnerabilities

It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. CVE-2019-16869 It was discovered that Netty incorrectly handled certain...

9.1CVSS7.1AI score0.13474EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.55 views

Debian DLA-2365-1 : netty-3.9 security update

Several vulnerabilities have been discovered in netty-3.9, a Java NIO client/server socket framework. CVE-2019-16869 Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a 'Transfer-Encoding : chunked' line, which leads to HTTP request smuggling. CVE-2019-20444...

9.1CVSS6.9AI score0.13474EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2020/09/08 12:0 a.m.47 views

Debian DLA-2364-1 : netty security update

Several vulnerabilities have been discovered in netty, a Java NIO client/server socket framework. CVE-2019-20444 HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interprete...

9.1CVSS6.9AI score0.13474EPSS
Exploits4References7
Rows per page
Query Builder