VYPR
Moderate severityNVD Advisory· Published Jan 29, 2020· Updated Aug 5, 2024

CVE-2019-20445

CVE-2019-20445

Description

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.netty:netty-handlerMaven
>= 4.0.0, < 4.1.454.1.45
org.jboss.netty:nettyMaven
>= 0
io.netty:nettyMaven
>= 0

Affected products

9

Patches

Vulnerability mechanics

References

95

News mentions

0

No linked articles in our index yet.