Download
| Alert*
oval:org.secpod.oval:def:67195
netty: None Details: USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it was discovered that Netty allow for unbounded memory allocation. A remote attacker could send a large stream to the Netty ser ... oval:org.secpod.oval:def:67194 netty-3.9: Asynchronous event-driven network application framework Netty could be made to expose sensitive information over the network. oval:org.secpod.oval:def:70241 netty-3.9: Asynchronous event-driven network application framework Several security issues were fixed in Netty. oval:org.secpod.oval:def:2004759 HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. oval:org.secpod.oval:def:705649 netty-3.9: Asynchronous event-driven network application framework Several security issues were fixed in Netty. oval:org.secpod.oval:def:705716 netty-3.9: Asynchronous event-driven network application framework Netty could be made to expose sensitive information over the network. oval:org.secpod.oval:def:705729 netty: None Details: USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it was discovered that Netty allow for unbounded memory allocation. A remote attacker could send a large stream to the Netty ser ... oval:org.secpod.oval:def:71231 Multiple security issues were discovered in libnetty-java, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. oval:org.secpod.oval:def:605483 Multiple security issues were discovered in libnetty-java, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. |