HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.

| Score | Percentile |
|---|---|
| 2.84% | 85.95% |

No CVSS scores in this advisory.

| Type | Value |
|---|---|
| GHSA | GHSA-p2v9-g2qv-p635 |
| CVE | CVE-2019-20445 |

| CWE id | Name |
|---|---|
| CWE-444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') |

Vulnerable version ranges and first patched releases as published by GitHub.

| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| maven | io.netty:netty-handler | >= 4.0.0, < 4.1.45 | 4.1.45 | — |
| maven | org.jboss.netty:netty | < 4.0.0 | — | — |
| maven | io.netty:netty | < 4.0.0 | — | — |