CVSS: 5.9EPSS: 5%CPEs: 28EXPL: 0CVE-2021-21409 – Possible request smuggling in HTTP/2 due missing validation of content-length
https://notcve.org/view.php?id=CVE-2021-21409
30 Mar 2021 — Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and tr... • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 5.9EPSS: 1%CPEs: 8EXPL: 0CVE-2021-21295 – Possible request smuggling in HTTP/2 due missing validation
https://notcve.org/view.php?id=CVE-2021-21295
09 Mar 2021 — Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If th... • https://github.com/Netflix/zuul/pull/980 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 6.2EPSS: 0%CPEs: 21EXPL: 1CVE-2021-21290 – Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files
https://notcve.org/view.php?id=CVE-2021-21290
08 Feb 2021 — Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the temporary directory is shared be... • https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e0000ec • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-378: Creation of Temporary File With Insecure Permissions CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 1%CPEs: 15EXPL: 0CVE-2020-11612 – netty: compression/decompression codecs don't enforce limits on buffer allocation sizes
https://notcve.org/view.php?id=CVE-2020-11612
07 Apr 2020 — The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder. El ZlibDecoders en Netty versiones 4.1.x anteriores a 4.1.46, permite una asignación de memoria ilimitada mientras decodifican un flujo de bytes de ZlibEncoded. Un atacante podría enviar una secuencia de bytes de ZlibEncoded grande hac... • https://github.com/netty/netty/compare/netty-4.1.45.Final...netty-4.1.46.Final • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.1EPSS: 2%CPEs: 12EXPL: 1CVE-2019-20444 – netty: HTTP request smuggling
https://notcve.org/view.php?id=CVE-2019-20444
29 Jan 2020 — HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold." El archivo HttpObjectDecoder.java en Netty versiones anteriores a 4.1.44, permite un encabezado HTTP que carece de ":" dos puntos, que podría ser interpretado como un encabezado separado con una sintaxis incorrecta, o podría ser interpretado como un "invalid fold." A HTTP smuggling flaw was found in Htt... • https://access.redhat.com/errata/RHSA-2020:0497 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 1CVE-2019-20445 – netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header
https://notcve.org/view.php?id=CVE-2019-20445
29 Jan 2020 — HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. "El archivo HttpObjectDecoder.java en Netty versiones anteriores a 4.1.44, permite que un encabezado Content-Length esté acompañado por un segundo encabezado Content-Length o por un encabezado Transfer-Encoding." A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Enco... • https://access.redhat.com/errata/RHSA-2020:0497 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 1CVE-2020-7238 – netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling
https://notcve.org/view.php?id=CVE-2020-7238
27 Jan 2020 — Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869. Netty versión 4.1.43.Final, permite el tráfico no autorizado de peticiones HTTP porque maneja inapropiadamente el espacio en blanco de Transfer-Encoding (tal y como una línea [space]Transfer-Encoding:chunked) y un encabezado Content-Length posterior. Este prob... • https://access.redhat.com/errata/RHSA-2020:0497 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 2%CPEs: 11EXPL: 1CVE-2019-16869 – netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers
https://notcve.org/view.php?id=CVE-2019-16869
26 Sep 2019 — Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling. Netty versiones anteriores a 4.1.42.Final, maneja inapropiadamente los espacios en blanco antes de los dos puntos en los encabezados HTTP (tal y como una línea "Transfer-Encoding : chunked"), lo que conlleva al tráfico no autorizado de peticiones HTTP. A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled.... • https://access.redhat.com/errata/RHSA-2019:3892 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.5EPSS: 3%CPEs: 110EXPL: 0CVE-2015-2156
https://notcve.org/view.php?id=CVE-2015-2156
18 Oct 2017 — Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters. Netty en versiones anteriores a la 3.9.8.Final, 3.10.x anteriores a la 3.10.3.Final, 4.0.x anteriores a la 4.0.28.Final y 4.1.x anteriores a la 4.1.0.Beta5 y Play Framework 2.x en versiones ante... • http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159379.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 8%CPEs: 5EXPL: 0CVE-2016-4970 – netty: Infinite loop vulnerability when handling renegotiation using SslProvider.OpenSsl
https://notcve.org/view.php?id=CVE-2016-4970
13 Apr 2017 — handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). handler/ssl/OpenSslEngine.java en Netty 4.0.x en versiones anteriores a 4.0.37.Final y 4.1.x en versiones anteriores a 4.1.1.Final permite a los atacantes remotos provocar una denegación de servicio (bucle infinito). Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of Red Hat JBoss Data Grid 7.1.0 s... • http://netty.io/news/2016/06/07/4-0-37-Final.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •