VYPR
Critical severityNVD Advisory· Published Jan 29, 2020· Updated Jul 1, 2025

CVE-2019-20444

CVE-2019-20444

Description

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.netty:netty-codec-httpMaven
< 4.1.444.1.44
org.jboss.netty:nettyMaven
>= 0
io.netty:nettyMaven
>= 0

Affected products

7

Patches

Vulnerability mechanics

References

122

News mentions

0

No linked articles in our index yet.