CGA-c7h4-qrg3-25qm

Published

Last updated

https://images.chainguard.dev/security/CGA-c7h4-qrg3-25qm

Package

hadoop-3.3

Latest Update

Under investigation

Aliases

Severity

9.1

Critical

CVSS V3

Summary

HTTP Request Smuggling in Netty

Description

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."

References

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CGA-c7h4-qrg3-25qm

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources