VulnerableCode Package Details - pkg:maven/io.netty/netty-handler@4.0.0

Search for packages

Package details: pkg:maven/io.netty/netty-handler@4.0.0

Essentials
History (1)

purl	pkg:maven/io.netty/netty-handler@4.0.0
Tags	Ghost

Next non-vulnerable version	4.1.118.Final
Latest non-vulnerable version	4.1.118.Final
Risk	4.1

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-sf1p-fp2z-bkb6 Aliases: CVE-2019-20445 GHSA-p2v9-g2qv-p635	HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.	4.1.45.Final Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 4.1.45 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-sf1p-fp2z-bkb6
Aliases:
CVE-2019-20445
GHSA-p2v9-g2qv-p635

HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.

4.1.45.Final
Affected by 3 other vulnerabilities.

4.1.45
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-07-01T14:30:05.408692+00:00	GHSA Importer	Affected by	VCID-sf1p-fp2z-bkb6	https://github.com/advisories/GHSA-p2v9-g2qv-p635	36.1.3