Description
Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2006-3835)
MySQL CVE-2014-2431 Vulnerability (CVE-2014-2431)
WordPress Plugin Alert Before Your Post Cross-Site Scripting (0.1.1)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4421)
Vanilla Forums Deserialization of Untrusted Data Vulnerability (CVE-2018-19499)