Skip to content
Commits on Source (3)
Show whitespace changes
Inline Side-by-side
data/CVE/list
View file @ b4da11ee
......@@ -509,11 +509,11 @@ CVE-2020-8433
RESERVED
CVE-2019-20445 (HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length ...)
- netty <unfixed>
- netty-3.9 <unfixed>
- netty-3.9 <removed>
NOTE: https://github.com/netty/netty/issues/9861
CVE-2019-20444 (HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header th ...)
- netty <unfixed>
- netty-3.9 <unfixed>
- netty-3.9 <removed>
NOTE: https://github.com/netty/netty/issues/9866
CVE-2020-8432 (In Das U-Boot through 2020.01, a double free has been found in the cmd ...)
- u-boot <unfixed> (low)
......@@ -3144,7 +3144,7 @@ CVE-2019-20382
RESERVED
CVE-2020-7238 (Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles ...)
- netty <unfixed>
- netty-3.9 <unfixed>
- netty-3.9 <removed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1796225
NOTE: https://github.com/jdordonezn/CVE-2020-72381/issues/1
NOTE: Issue exists because of incomplete fix for CVE-2019-16869.
......@@ -26976,7 +26976,7 @@ CVE-2019-16870
CVE-2019-16869 (Netty before 4.1.42.Final mishandles whitespace before the colon in HT ...)
{DSA-4597-1 DLA-1941-1}
- netty 1:4.1.33-2 (bug #941266)
- netty-3.9 <unfixed>
- netty-3.9 <removed>
NOTE: https://github.com/netty/netty/issues/9571
NOTE: https://github.com/netty/netty/commit/39cafcb05c99f2aa9fce7e6597664c9ed6a63a95
CVE-2019-16868 (emlog through 6.0.0beta has an arbitrary file deletion vulnerability v ...)
......@@ -254147,9 +254147,11 @@ CVE-2014-3489 (lib/util/miq-password.rb in Red Hat CloudForms 3.0 Management Eng
NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2014-3488 (The SslHandler in Netty before 3.9.2 allows remote attackers to cause ...)
- netty <not-affected> (Introduced in 3.9.0)
- netty-3.9 <unfixed>
[stretch] - netty-3.9 <not-affected>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1107983 says only affects 3.9.0 and 3.9.1
- netty-3.9 3.9.9.Final-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1107983 says only affects
NOTE: 3.9.0 and 3.9.1.
NOTE: https://github.com/netty/netty/issues/2562
NOTE: https://github.com/netty/netty/commit/2fa9400a59d0563a66908aba55c41e7285a04994
CVE-2014-3487 (The cdf_read_property_info function in file before 5.19, as used in th ...)
{DSA-3021-1 DSA-2974-1 DLA-27-1}
- file 1:5.19-1
......@@ -263765,7 +263767,7 @@ CVE-2014-0194
REJECTED
CVE-2014-0193 (WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7. ...)
- netty <not-affected> (WebSocket08FrameDecoder function not present; bug #746639)
- netty-3.9 <unfixed>
- netty-3.9 <removed>
CVE-2014-0192 (Foreman 1.4.0 before 1.5.0 does not properly restrict access to provis ...)
- foreman <itp> (bug #663101)
CVE-2014-0191 (The xmlParserHandlePEReference function in parser.c in libxml2 before ...)