Netty 4.1.43.Final allows HTTP... CVE-2020-7238

- AV AC AU C I A
发布: 2020-01-20
修订: 2020-10-15

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用