VYPR
High severityNVD Advisory· Published Jan 27, 2020· Updated Aug 4, 2024

CVE-2020-7238

CVE-2020-7238

Description

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.netty:netty-handlerMaven
>= 4.1.43, < 4.1.454.1.45

Affected products

2

Patches

Vulnerability mechanics

References

26

News mentions

0

No linked articles in our index yet.