VYPR
High severityNVD Advisory· Published Sep 26, 2019· Updated Jul 7, 2025

CVE-2019-16869

CVE-2019-16869

Description

Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.netty:netty-allMaven
>= 4.0.0.Alpha1, < 4.1.42.Final4.1.42.Final
org.jboss.netty:nettyMaven
>= 0

Affected products

3

Patches

Vulnerability mechanics

References

84

News mentions

0

No linked articles in our index yet.