CVE-2020-7238 vulnerability in Netty and Other Products
Published on January 27, 2020

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2020-7238

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-7238 are published in these products:

Netty

Fedora Project Fedora

Debian Linux

Red Hat Jboss Enterprise Application Platform

Red Hat Jboss Enterprise Application Platform Text Only Advisories

Red Hat Openshift Application Runtimes Text Only Advisories

Exploit Probability

EPSS

1.50%

Percentile

80.93%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-7238 vulnerability in Netty and Other ProductsPublished on January 27, 2020

Products Associated with CVE-2020-7238

Exploit Probability

CVE-2020-7238 vulnerability in Netty and Other Products
Published on January 27, 2020