what you don't know can hurt you
Showing 1 - 19 of 19 RSS Feed

CVE-2019-20445

Status Candidate

Overview

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.

Related Files

Red Hat Security Advisory 2021-3140-01
Posted Aug 12, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3140-01 - This release of Red Hat Fuse 7.9.0 serves as a replacement for Red Hat Fuse 7.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, bypass, code execution, cross site scripting, denial of service, deserialization, information leakage, man-in-the-middle, memory leak, resource exhaustion, server-side request forgery, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, vulnerability, code execution, xss, sql injection, memory leak
systems | linux, redhat
advisories | CVE-2017-18640, CVE-2017-5645, CVE-2019-12402, CVE-2019-14887, CVE-2019-16869, CVE-2019-20445, CVE-2020-10688, CVE-2020-10693, CVE-2020-10714, CVE-2020-10719, CVE-2020-11996, CVE-2020-13920, CVE-2020-13934, CVE-2020-13935, CVE-2020-13936, CVE-2020-13954, CVE-2020-13956, CVE-2020-14040, CVE-2020-14297, CVE-2020-14338, CVE-2020-14340, CVE-2020-1695, CVE-2020-17510, CVE-2020-17518, CVE-2020-1925, CVE-2020-1935, CVE-2020-1938
MD5 | 21a26b1675bef95b9bb70206a03731d7
Ubuntu Security Notice USN-4600-1
Posted Oct 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4600-1 - It was discovered that Netty had HTTP request smuggling vulnerabilities. A remote attacker could used it to extract sensitive information.

tags | advisory, remote, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2019-16869, CVE-2019-20444, CVE-2019-20445
MD5 | fe9692750d4cd79cb0487d583921ce2b
Ubuntu Security Notice USN-4532-1
Posted Sep 23, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4532-1 - It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header that lacks a colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2019-16869, CVE-2019-20444, CVE-2019-20445
MD5 | 5ae25a0d5a546f3db8eb194eab1e23cf
Red Hat Security Advisory 2020-3197-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3197-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.8.0 serves as an update to Red Hat Process Automation Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-10086, CVE-2019-12406, CVE-2019-12423, CVE-2019-13990, CVE-2019-16869, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518, CVE-2020-10672, CVE-2020-10673, CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11612, CVE-2020-11619, CVE-2020-11620, CVE-2020-14060, CVE-2020-14061, CVE-2020-14062, CVE-2020-1718
MD5 | 4802194f13093960da268f98bc2961b2
Red Hat Security Advisory 2020-3196-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3196-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.8.0 serves as an update to Red Hat Decision Manager 7.7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-12406, CVE-2019-12423, CVE-2019-13990, CVE-2019-16869, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518, CVE-2020-10672, CVE-2020-10673, CVE-2020-10968, CVE-2020-10969, CVE-2020-11111, CVE-2020-11112, CVE-2020-11113, CVE-2020-11612, CVE-2020-11619, CVE-2020-11620, CVE-2020-14060, CVE-2020-14061, CVE-2020-14062, CVE-2020-1718, CVE-2020-7238
MD5 | 8a5cd2ac046da586f0c207777d730e3c
Red Hat Security Advisory 2020-3192-01
Posted Jul 29, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3192-01 - This release of Red Hat Fuse 7.7.0 serves as a replacement for Red Hat Fuse 7.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, XML injection, bypass, cross site scripting, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2016-4970, CVE-2018-1000632, CVE-2018-11797, CVE-2018-12541, CVE-2018-3831, CVE-2019-0231, CVE-2019-10086, CVE-2019-10172, CVE-2019-12086, CVE-2019-12400, CVE-2019-14540, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2019-3797, CVE-2019-9511, CVE-2019-9827, CVE-2020-10672
MD5 | cecd543467bfd58c12f141dcd8d8f2e6
Red Hat Security Advisory 2020-2333-01
Posted May 28, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2333-01 - Red Hat JBoss Enterprise Application Platform CD19 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform CD19 includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, cross site scripting, denial of service, and out of bounds read vulnerabilities.

tags | advisory, java, web, denial of service, vulnerability, xss
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-10174, CVE-2019-12419, CVE-2019-12423, CVE-2019-14540, CVE-2019-14887, CVE-2019-14888, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, CVE-2019-16869, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-17573, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2020-10672, CVE-2020-10688, CVE-2020-10968, CVE-2020-10969, CVE-2020-11111
MD5 | 35014507898098376bc89d54fd55c40a
Red Hat Security Advisory 2020-2321-01
Posted May 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2321-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.6 serves as a replacement for Red Hat Data Grid 7.3.5 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include HTTP request smuggling, cross site scripting, out of bounds read, and traversal vulnerabilities.

tags | advisory, web, vulnerability, xss
systems | linux, redhat
advisories | CVE-2018-10862, CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-10219, CVE-2019-14540, CVE-2019-16869, CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | e68f4eb5689fda743d06e6ca00ead832
Red Hat Security Advisory 2020-1445-01
Posted Apr 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1445-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.4.3 serves as a replacement for Red Hat AMQ Broker 7.4.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol, xss
systems | linux, redhat
advisories | CVE-2019-0222, CVE-2019-10241, CVE-2019-10247, CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-7238
MD5 | 92065fecfe88cdaa624622793cc96cfb
Red Hat Security Advisory 2020-0951-01
Posted Mar 24, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0951-01 - Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.3.7 serves as a replacement for Red Hat Single Sign-On 7.3.6, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14885, CVE-2019-14887, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2020-1744, CVE-2020-7238
MD5 | 6d7e3d27d8b9e0ec7422eca7a382dcd2
Red Hat Security Advisory 2020-0939-01
Posted Mar 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0939-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.4.0 serves as a replacement for Red Hat AMQ Streams 1.3.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2019-12399, CVE-2019-16942, CVE-2019-16943, CVE-2019-17531, CVE-2019-20330, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | e0c4241fded548a63a2b7cb27615348a
Red Hat Security Advisory 2020-0922-01
Posted Mar 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0922-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.6.0 serves as a replacement for Red Hat AMQ Broker 7.5.0, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol, xss
systems | linux, redhat
advisories | CVE-2019-0222, CVE-2019-10241, CVE-2019-10247, CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2019-9511, CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518, CVE-2020-7238
MD5 | 1f73491e6994d7f8cd7d4dbc85b5c3d7
Red Hat Security Advisory 2020-0804-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0804-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include an out-of-bounds read and HTTP response smuggling.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | e79ff594e53a3c24cf28eec99c8888e6
Red Hat Security Advisory 2020-0805-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0805-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include an out-of-bounds read and HTTP response smuggling.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | 975afb9d38f34ce76b8ba6a83b8ae57f
Red Hat Security Advisory 2020-0806-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0806-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include HTTP response smuggling.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | 7015012ecf5ad9d4df8dda372e918146
Red Hat Security Advisory 2020-0811-01
Posted Mar 12, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0811-01 - This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. Issues addressed include an out-of-bounds read.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-0205, CVE-2019-0210, CVE-2019-10086, CVE-2019-12400, CVE-2019-14887, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | 1022e64cab6fd2a7274cd63e345ed3f9
Red Hat Security Advisory 2020-0567-01
Posted Mar 3, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0567-01 - This release of Red Hat build of Eclipse Vert.x 3.8.5 includes security updates, bug fixes, and enhancements. HTTP request smuggling was addressed along with other security issues.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | 76ca0d6237099e578756baf9a44a117d
Red Hat Security Advisory 2020-0601-01
Posted Feb 26, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0601-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 6, 7, and 8.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | 584a6024fe9caf6105d3299d3011c0e8
Red Hat Security Advisory 2020-0497-01
Posted Feb 13, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0497-01 - The release of Red Hat AMQ Online 1.3.3 serves as a replacement for AMQ online 1.3.2, and includes bug fixes and enhancements. Request smuggling and other security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-20444, CVE-2019-20445, CVE-2020-7238
MD5 | bb8148a3b55bd05b404fb987854eb70c
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close