github / advisory-database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

[GHSA-wx5j-54mm-rqqq] HTTP request smuggling in netty #4496

Closed SunBK201 closed 2 months ago

SunBK201 commented 4 months ago

Updates

Comments

According to Patch, this vulnerability was introduced from 4.0.0.Beta2.

github commented 4 months ago

Hi there @normanmaurer! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory.

shelbyc commented 4 months ago

:wave: Hi @SunBK201, where in https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323 did you see that io.netty:netty-codec-http became vulnerable in 4.0.0.Beta2? I'm unable to find that information at the provided link.