CVE-2019-20444
CVE-2019-20444
HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHSA-2020:0497https://access.redhat.com/errata/RHSA-2020:0567https://access.redhat.com/errata/RHSA-2020:0601https://access.redhat.com/errata/RHSA-2020:0605https://access.redhat.com/errata/RHSA-2020:0606https://access.redhat.com/errata/RHSA-2020:0804https://access.redhat.com/errata/RHSA-2020:0805https://access.redhat.com/errata/RHSA-2020:0806https://access.redhat.com/errata/RHSA-2020:0811https://github.com/netty/netty/compare/netty-4.1.43.Final...netty-4.1.44.Finalhttps://github.com/netty/netty/issues/9866https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-20444/5.0.0.Alpha1/exploit