71 matches found
Information Disclosure
netty incubator codec.bhttp is vulnerable to information disclosure. The vulnerability is due to an improper fallback mechanism used to derive native memory addresses for cryptographic operations when sun.misc.Unsafe is unavailable, which allows an unauthenticated attacker to send crafted OHTTP...
Missing Cryptographic Step
Overview Affected versions of this package are vulnerable to Missing Cryptographic Step due to the lack of enforcement for receiving a cryptographically-signed final chunk before the termination of the outer HTTP body. An attacker can cause undetected truncation of chunked messages by forwarding...
CVE-2026-41207
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
CVE-2026-48480
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.22.FInal, the codec-ohttp implementation of draft-ietf-ohai-chunked-ohttp does not verify that a cryptographically-signed final chunk was received before the outer HTTP body terminates. An on-path adversar...
CVE-2026-48480 netty-incubator-codec-ohttp OHttpVersionChunkDraft's Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.22.FInal, the codec-ohttp implementation of draft-ietf-ohai-chunked-ohttp does not verify that a cryptographically-signed final chunk was received before the outer HTTP body terminates. An on-path adversar...
CVE-2026-48480 netty-incubator-codec-ohttp OHttpVersionChunkDraft's Missing Final-Chunk Enforcement Leads to Undetected Stream Truncation
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.22.FInal, the codec-ohttp implementation of draft-ietf-ohai-chunked-ohttp does not verify that a cryptographically-signed final chunk was received before the outer HTTP body terminates. An on-path adversar...
CVE-2026-48480
The CVE concerns the netty incubator codec.bhttp (codec-ohttp) where, prior to 0.0.22.Final, the implementation of draft-ietf-ohai-chunked-ohttp fails to verify that a cryptographically-signed final chunk was received before the outer HTTP body ends. This allows an on-path adversary (OHTTP relay ...
CVE-2026-48040 netty-incubator-codec-ohttp's Incorrect Native Pointer Derivation in Pooled Direct ByteBuf Fallback Leads to Out-of-Bounds Native Memory Access
The netty incubator codec.bhttp is a java language binary http parser. The library implements Oblivious HTTP RFC 9458 using BoringSSL's HPKE C library via JNI. When deriving native memory addresses for cryptographic operations versions prior to 0.0.22.Final provide a fallback path for direct...
CVE-2026-48040
The CVE-2026-48040 entry concerns netty-incubator-codec.bhttp prior to 0.0.22.Final, where a fallback path for direct ByteBufs is taken when Unsafe is unavailable. Under these conditions, an unauthenticated network attacker can trigger cryptographic operations via crafted OHTTP requests, causing ...
EUVD-2026-34307
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
CVE-2026-41207
The CVE concerns the netty-incubator-codec-ohttp project. Before version 0.0.21.Final, HKDF_expand could return a non-NULL failure result and fill the output byte[] with zeros, making HKDF key material indistinguishable from a legitimate output. This zeroed material feeds directly into OHttpCrypt...
CVE-2026-41207 netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
netty-incubator-codec-ohttp 安全漏洞
netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.22.Final of netty-incubator-codec-ohttp contain security vulnerabilities. These vulnerabilities stem from the codec-ohttp implementation, which does not verify whether a final block with a...
netty-incubator-codec-ohttp 缓冲区错误漏洞
netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.22.Final of netty-incubator-codec-ohttp contain a buffer error vulnerability. This vulnerability arises due to the use of a backtrack path when performing encryption operations via JNI on specifi...
netty-incubator-codec-ohttp 安全特征问题漏洞
netty-incubator-codec-ohttp is an application developed by the Netty community. Versions prior to 0.0.21.Final of netty-incubator-codec-ohttp contain a security vulnerability. This vulnerability arises from returning a non-empty value when HKDF-expand fails, which may lead to the use of a key wit...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...
Insecure Randomness
Overview Affected versions of this package are vulnerable to Insecure Randomness due to the HKDFexpand and EVPHPKECTXexport functions returning a zero-filled byte array on failure, which is then used as key material for AEAD encryption. An attacker can predict and exploit the deterministic,...