/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-jgfj-c76v-j599

Published

Last updated

https://images.chainguard.dev/security/CGA-jgfj-c76v-j599
Package

hadoop-fips-3.3.6

Repository

Chainguard

Latest Update
Fix not planned
Aliases
  • CVE-2015-2156
  • GHSA-xfv3-rrfm-f2rv

Severity

Unknown

Summary

Information Exposure in Netty

Description

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs