Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown
CVE-2020-7238
Disclosure Date: January 27, 2020 (last updated November 08, 2023)
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.
0
Attacker Value
Unknown
CVE-2019-16869
Disclosure Date: September 26, 2019 (last updated November 08, 2023)
Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.
0