io.netty:netty-all@4.1.43.Final vulnerabilities
-
latest version
4.1.109.Final
-
latest non vulnerable version
-
first published
11 years ago
-
latest version published
21 days ago
-
licenses detected
- [4.0.0.Beta1,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the io.netty:netty-all package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
io.netty:netty-all is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to HTTP Request Smuggling. It allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax or as an "invalid fold." How to fix HTTP Request Smuggling? Upgrade |
[,4.1.44.Final)
|
io.netty:netty-all is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to HTTP Request Smuggling due to the package mishandling Transfer-Encoding whitespace (such as a NOTE: This vulnerability has also been identified as: CVE-2020-7238 How to fix HTTP Request Smuggling? Upgrade |
[,4.1.44.Final)
|
io.netty:netty-all is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to HTTP Request Smuggling due to the package mishandling Transfer-Encoding whitespace (such as a NOTE: This vulnerability has also been identified as: CVE-2019-20445 How to fix HTTP Request Smuggling? Upgrade |
[,4.1.44.Final)
|