CVE-2019-20444 - Vulnerability Details

HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.04167.

Key SSVC decision points have not yet been added.

Vendors	Products
Canonical	Ubuntu Linux
Debian	Debian Linux
Fedoraproject	Fedora
Netty	Netty
Redhat	A Mq Clients Amq Broker Amq Online Amq Streams Enterprise Linux Jboss Amq Clients Jboss Data Grid Jboss Enterprise Application Platform Jboss Enterprise Application Platform Cd Jboss Enterprise Application Platform Eus Jboss Enterprise Bpms Platform Jboss Enterprise Brms Platform Jboss Fuse Jboss Single Sign On Openshift Application Runtimes

Configuration 1 [-]

cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 3 [-]

cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:a:redhat:jboss_amq_clients:2:::::::*
	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:::::::*
	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:::::::*

OR	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

Package	CPE	Advisory	Released Date
AMQ Clients 2.y for RHEL 6
qpid-proton-0:0.30.0-4.el6_10	cpe:/a:redhat:a_mq_clients:2::el6	RHSA-2020:0601	2020-02-25T00:00:00Z
AMQ Clients 2.y for RHEL 7
qpid-proton-0:0.30.0-2.el7	cpe:/a:redhat:a_mq_clients:2::el7	RHSA-2020:0601	2020-02-25T00:00:00Z
rubygem-qpid_proton-0:0.30.0-1.el7	cpe:/a:redhat:a_mq_clients:2::el7	RHSA-2020:0601	2020-02-25T00:00:00Z
AMQ Clients 2.y for RHEL 8
nodejs-rhea-0:1.0.16-1.el8	cpe:/a:redhat:a_mq_clients:2::el8	RHSA-2020:0601	2020-02-25T00:00:00Z
qpid-proton-0:0.30.0-3.el8	cpe:/a:redhat:a_mq_clients:2::el8	RHSA-2020:0601	2020-02-25T00:00:00Z
rubygem-qpid_proton-0:0.30.0-1.el8	cpe:/a:redhat:a_mq_clients:2::el8	RHSA-2020:0601	2020-02-25T00:00:00Z
EAP-CD 19 Tech Preview
netty	cpe:/a:redhat:jboss_enterprise_application_platform_cd:19	RHSA-2020:2333	2020-05-28T00:00:00Z
Red Hat AMQ
netty	cpe:/a:redhat:amq_broker:7	RHSA-2020:0922	2020-03-23T00:00:00Z
Red Hat AMQ 7.4.3
netty	cpe:/a:redhat:amq_broker:7	RHSA-2020:1445	2020-04-14T00:00:00Z
Red Hat AMQ Online 1.3.3 GA
netty	cpe:/a:redhat:amq_online:1.3	RHSA-2020:0497	2020-02-13T00:00:00Z
Red Hat AMQ Streams 1
netty	cpe:/a:redhat:amq_streams:1	RHSA-2020:0939	2020-03-23T00:00:00Z
Red Hat Data Grid 7.3.6
netty	cpe:/a:redhat:jboss_data_grid:7.3	RHSA-2020:2321	2020-05-26T00:00:00Z
Red Hat Decision Manager 7
netty	cpe:/a:redhat:jboss_enterprise_brms_platform:7.8	RHSA-2020:3196	2020-07-29T00:00:00Z
Red Hat Fuse 7.7.0
netty	cpe:/a:redhat:jboss_fuse:7	RHSA-2020:3192	2020-07-28T00:00:00Z
Red Hat JBoss EAP 7.2
	cpe:/a:redhat:jboss_enterprise_application_platform:7.2	RHSA-2020:0606	2020-02-25T00:00:00Z
netty	cpe:/a:redhat:jboss_enterprise_application_platform:7.2	RHSA-2020:0811	2020-03-12T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7
eap7-netty-0:4.1.45-1.Final_redhat_00001.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7	RHSA-2024:5856	2024-08-26T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6
eap7-netty-0:4.1.45-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0605	2020-02-25T00:00:00Z
eap7-activemq-artemis-0:2.9.0-2.redhat_00009.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-apache-commons-beanutils-0:1.9.4-1.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-glassfish-el-0:3.0.1-4.b08_redhat_00003.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-7.SP3_redhat_00005.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-hal-console-0:3.0.20-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-hibernate-0:5.3.15-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-infinispan-0:9.3.8-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-jackson-databind-0:2.9.10.2-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-jaegertracing-jaeger-client-java-0:0.34.1-1.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-jboss-ejb-client-0:4.0.28-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-jboss-remoting-0:5.0.17-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-8.Final_redhat_00009.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-thrift-0:0.13.0-1.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-wildfly-0:7.2.7-4.GA_redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-wildfly-openssl-0:1.0.9-2.SP03_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-wildfly-openssl-linux-x86_64-0:1.0.9-2.SP03_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.9-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
eap7-xml-security-0:2.1.4-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:0804	2020-03-12T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7
eap7-netty-0:4.1.45-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0605	2020-02-25T00:00:00Z
eap7-activemq-artemis-0:2.9.0-2.redhat_00009.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-apache-commons-beanutils-0:1.9.4-1.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-glassfish-el-0:3.0.1-4.b08_redhat_00003.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-7.SP3_redhat_00005.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-hal-console-0:3.0.20-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-hibernate-0:5.3.15-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-infinispan-0:9.3.8-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-jackson-databind-0:2.9.10.2-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-jaegertracing-jaeger-client-java-0:0.34.1-1.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-jboss-ejb-client-0:4.0.28-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-jboss-remoting-0:5.0.17-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-8.Final_redhat_00009.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-thrift-0:0.13.0-1.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-wildfly-0:7.2.7-4.GA_redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-wildfly-openssl-0:1.0.9-2.SP03_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-wildfly-openssl-linux-x86_64-0:1.0.9-2.SP03_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.9-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
eap7-xml-security-0:2.1.4-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:0805	2020-03-12T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8
eap7-netty-0:4.1.45-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0605	2020-02-25T00:00:00Z
eap7-activemq-artemis-0:2.9.0-2.redhat_00009.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-apache-commons-beanutils-0:1.9.4-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-glassfish-el-0:3.0.1-4.b08_redhat_00003.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-7.SP3_redhat_00005.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-hal-console-0:3.0.20-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-hibernate-0:5.3.15-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-infinispan-0:9.3.8-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-jackson-databind-0:2.9.10.2-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-jaegertracing-jaeger-client-java-0:0.34.1-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-jboss-ejb-client-0:4.0.28-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-jboss-remoting-0:5.0.17-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-8.Final_redhat_00009.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-thrift-0:0.13.0-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-wildfly-0:7.2.7-4.GA_redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-wildfly-openssl-0:1.0.9-2.SP03_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-wildfly-openssl-linux-x86_64-0:1.0.9-2.SP03_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.9-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
eap7-xml-security-0:2.1.4-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:0806	2020-03-12T00:00:00Z
Red Hat Process Automation 7
netty	cpe:/a:redhat:jboss_enterprise_bpms_platform:7.8	RHSA-2020:3197	2020-07-29T00:00:00Z
Red Hat Single Sign-On 7.3
netty	cpe:/a:redhat:jboss_single_sign_on:7.3	RHSA-2020:0951	2020-03-23T00:00:00Z
Text-Only RHOAR
netty	cpe:/a:redhat:openshift_application_runtimes:1.0	RHSA-2020:0567	2020-03-03T00:00:00Z

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-2109-1	netty security update
Debian DLA	DLA-2110-1	netty-3.9 security update
Debian DLA	DLA-2364-1	netty security update
Debian DLA	DLA-2365-1	netty-3.9 security update
Debian DSA	DSA-4885-1	netty security update
EUVD	EUVD-2020-0302	HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
Github GHSA	GHSA-cqqj-4p63-rrmm	HTTP Request Smuggling in Netty
Ubuntu USN	USN-4532-1	Netty vulnerabilities
Ubuntu USN	USN-4600-1	Netty vulnerabilities
Ubuntu USN	USN-4600-2	Netty vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://access.redhat.com/errata/RHSA-2020:0497
https://access.redhat.com/errata/RHSA-2020:0567
https://access.redhat.com/errata/RHSA-2020:0601
https://access.redhat.com/errata/RHSA-2020:0605
https://access.redhat.com/errata/RHSA-2020:0606
https://access.redhat.com/errata/RHSA-2020:0804
https://access.redhat.com/errata/RHSA-2020:0805
https://access.redhat.com/errata/RHSA-2020:0806
https://access.redhat.com/errata/RHSA-2020:0811
https://github.com/elastic/elasticsearch/issues/49396
https://github.com/netty/netty/compare/netty-4.1.43.Final...netty-4.1.44.Final
https://github.com/netty/netty/issues/9866
https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-20444/5.0.0.Alpha1/exploit
https://lists.apache.org/thread.html/r059b042bca47be53ff8a51fd04d95eb01bb683f1afa209db136e8cb7%40%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r059b042bca47be53ff8a51fd04d95eb01bb683f1afa209db136e8cb7@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d406ed762e253401106e%40%3Ccommits.camel.apache.org%3E
https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d406ed762e253401106e@%3Ccommits.camel.apache.org%3E
https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r0f5e72d5f69b4720dfe64fcbc2da9afae949ed1e9cbffa84bb7d92d7%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0f5e72d5f69b4720dfe64fcbc2da9afae949ed1e9cbffa84bb7d92d7@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r1fcccf8bdb3531c28bc9aa605a6a1bea7e68cef6fc12e01faafb2fb5%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r1fcccf8bdb3531c28bc9aa605a6a1bea7e68cef6fc12e01faafb2fb5@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r205937c85817a911b0c72655c2377e7a2c9322d6ef6ce1b118d34d8d%40%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/r205937c85817a911b0c72655c2377e7a2c9322d6ef6ce1b118d34d8d@%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/r2f2989b7815d809ff3fda8ce330f553e5f133505afd04ffbc135f35f%40%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r2f2989b7815d809ff3fda8ce330f553e5f133505afd04ffbc135f35f@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d%40%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r34912a9b1a5c269a77b8be94ef6fb6d1e9b3c69129719dc00f01cf0b%40%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r34912a9b1a5c269a77b8be94ef6fb6d1e9b3c69129719dc00f01cf0b@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r489886fe72a98768eed665474cba13bad8d6fe0654f24987706636c5%40%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r489886fe72a98768eed665474cba13bad8d6fe0654f24987706636c5@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4c675b2d0cc2a5e506b11ee10d60a378859ee340aca052e4c7ef4749%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4c675b2d0cc2a5e506b11ee10d60a378859ee340aca052e4c7ef4749@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3%40%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r70b1ff22ee80e8101805b9a473116dd33265709007d2deb6f8c80bf2%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r70b1ff22ee80e8101805b9a473116dd33265709007d2deb6f8c80bf2@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r819aaeb9944bdcfca438dcc51f05650dc728daf64dfd7d774fc2499b%40%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r819aaeb9944bdcfca438dcc51f05650dc728daf64dfd7d774fc2499b@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff31e54b522cc1432532%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff31e54b522cc1432532@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae879f2c4437d7ec477d4%40%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae879f2c4437d7ec477d4@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b012091ac5083c895d16543%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b012091ac5083c895d16543@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/r91e0fa345c86c128b75a4a791b4b503b53173ff4c13049ac7129d319%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r91e0fa345c86c128b75a4a791b4b503b53173ff4c13049ac7129d319@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d%40%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d@%3Ccommits.cassandra.apache.org%3E
https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986%40%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60%40%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra1a71b576a45426af5ee65255be9596ff3181a342f4ba73b800db78f%40%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/ra1a71b576a45426af5ee65255be9596ff3181a342f4ba73b800db78f@%3Cdev.geode.apache.org%3E
https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c0891b8d3bea90baa836%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c0891b8d3bea90baa836@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rb84c57670ec48ef23f4d07973b7fa69f629b8e7fcfb48874362feb6f%40%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rb84c57670ec48ef23f4d07973b7fa69f629b8e7fcfb48874362feb6f@%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd184d9bd7ede52015d91%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd184d9bd7ede52015d91@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea97b857e708a9c62c6%40%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea97b857e708a9c62c6@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e%40%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e@%3Cissues.flink.apache.org%3E
https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2@%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792a95749e3c9a54c0b9%40%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792a95749e3c9a54c0b9@%3Ccommon-commits.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5c78071177186336c9%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5c78071177186336c9@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948@%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b37f7bfd78b26a08762%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b37f7bfd78b26a08762@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01e887bb068e8d1fa41%40%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01e887bb068e8d1fa41@%3Ccommon-issues.hadoop.apache.org%3E
https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f%40%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f@%3Cdev.flink.apache.org%3E
https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b@%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114%40%3Ccommits.druid.apache.org%3E
https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114@%3Ccommits.druid.apache.org%3E
https://lists.debian.org/debian-lts-announce/2020/02/msg00017.html
https://lists.debian.org/debian-lts-announce/2020/02/msg00018.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/
https://nvd.nist.gov/vuln/detail/CVE-2019-20444
https://usn.ubuntu.com/4532-1/
https://www.cve.org/CVERecord?id=CVE-2019-20444
https://www.debian.org/security/2021/dsa-4885

History

Tue, 01 Jul 2025 18:15:00 +0000

Type	Values Removed	Values Added
References		https://github.com/poc-effectiveness/PoCAdaptation/tree/main/Adapted/CVE-2019-20444/5.0.0.Alpha1/exploit https://lists.apache.org/thread.html/r059b042bca47be53ff8a51fd04d95eb01bb683f1afa209db136e8cb7@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r0aa8b28e76ec01c697b15e161e6797e88fc8d406ed762e253401106e@%3Ccommits.camel.apache.org%3E https://lists.apache.org/thread.html/r0c3d49bfdbc62fd3915676433cc5899c5506d06da1c552ef1b7923a5@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r0f5e72d5f69b4720dfe64fcbc2da9afae949ed1e9cbffa84bb7d92d7@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E https://lists.apache.org/thread.html/r1fcccf8bdb3531c28bc9aa605a6a1bea7e68cef6fc12e01faafb2fb5@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r205937c85817a911b0c72655c2377e7a2c9322d6ef6ce1b118d34d8d@%3Cdev.geode.apache.org%3E https://lists.apache.org/thread.html/r2f2989b7815d809ff3fda8ce330f553e5f133505afd04ffbc135f35f@%3Cissues.spark.apache.org%3E https://lists.apache.org/thread.html/r310d2ce22304d5298ff87f10134f918c87919b452734f9841d95682d@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r34912a9b1a5c269a77b8be94ef6fb6d1e9b3c69129719dc00f01cf0b@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r36fcf538b28f2029e8b4f6b9a772f3b107913a78f09b095c5b153a62@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r489886fe72a98768eed665474cba13bad8d6fe0654f24987706636c5@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r4c675b2d0cc2a5e506b11ee10d60a378859ee340aca052e4c7ef4749@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r4d3f1d3e333d9c2b2f6e6ae8ed8750d4de03410ac294bcd12c7eefa3@%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/r640eb9b3213058a963e18291f903fc1584e577f60035f941e32f760a@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r6945f3c346b7af89bbd3526a7c9b705b1e3569070ebcd0964bcedd7d@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r70b1ff22ee80e8101805b9a473116dd33265709007d2deb6f8c80bf2@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r804895eedd72c9ec67898286eb185e04df852b0dd5fe53cf5b6138f9@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r819aaeb9944bdcfca438dcc51f05650dc728daf64dfd7d774fc2499b@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/r8402d67fdfe9cf169f859d52a7670b28a08eff31e54b522cc1432532@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r86befa74c5cd1482c711134104aec339bf7ae879f2c4437d7ec477d4@%3Ccommon-commits.hadoop.apache.org%3E https://lists.apache.org/thread.html/r90030b0117490caed526e57271bf4d7f9b012091ac5083c895d16543@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/r91e0fa345c86c128b75a4a791b4b503b53173ff4c13049ac7129d319@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r959474dcf7f88565ed89f6252ca5a274419006cb71348f14764b183d@%3Ccommits.cassandra.apache.org%3E https://lists.apache.org/thread.html/r96e08f929234e8ba1ef4a93a0fd2870f535a1f9ab628fabc46115986@%3Cdev.zookeeper.apache.org%3E https://lists.apache.org/thread.html/r9b20cdac704cf9a583400350e2d5b576fa8417c18ddb961201676c60@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/ra1a71b576a45426af5ee65255be9596ff3181a342f4ba73b800db78f@%3Cdev.geode.apache.org%3E https://lists.apache.org/thread.html/ra2ace4bcb5cf487f72cbcbfa0f8cc08e755ec2b93d7e69f276148b08@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/ra9fbfe7d4830ae675bf34c7c0f8c22fc8a4099f65706c1bc4f54c593@%3Cissues.zookeeper.apache.org%3E https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7@%3Cissues.flink.apache.org%3E https://lists.apache.org/thread.html/rb3361f6c6a5f834ad3db5e998c352760d393c0891b8d3bea90baa836@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/rb84c57670ec48ef23f4d07973b7fa69f629b8e7fcfb48874362feb6f@%3Ccommits.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rc7eb5634b71d284483e58665b22bf274a69bd184d9bd7ede52015d91@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/rcb2c59428f34d4757702f9ae739a8795bda7bea97b857e708a9c62c6@%3Ccommon-commits.hadoop.apache.org%3E https://lists.apache.org/thread.html/rce71d33747010d32d31d90f5d737dae26291d96552f513a266c92fbb@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/rd8f72411fb75b98d366400ae789966373b5c3eb3f511e717caf3e49e@%3Cissues.flink.apache.org%3E https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2@%3Ccommits.pulsar.apache.org%3E https://lists.apache.org/thread.html/rdd5d243a5f8ed8b83c0104e321aa420e5e98792a95749e3c9a54c0b9@%3Ccommon-commits.hadoop.apache.org%3E https://lists.apache.org/thread.html/re0b78a3d0a4ba2cf9f4e14e1d05040bde9051d5c78071177186336c9@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/re45ee9256d3233c31d78e59ee59c7dc841c7fbd83d0769285b41e948@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/re78eaef7d01ad65c370df30e45c686fffff00b37f7bfd78b26a08762@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/rf2bf8e2eb0a03227f5bc100b544113f8cafea01e887bb068e8d1fa41@%3Ccommon-issues.hadoop.apache.org%3E https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f@%3Cdev.flink.apache.org%3E https://lists.apache.org/thread.html/rfb55f245b08d8a6ec0fb4dc159022227cd22de34c4419c2fbb18802b@%3Cnotifications.zookeeper.apache.org%3E https://lists.apache.org/thread.html/rff210a24f3a924829790e69eaefa84820902b7b31f17c3bf2def9114@%3Ccommits.druid.apache.org%3E https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/

Mon, 26 Aug 2024 18:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat jboss Enterprise Application Platform Eus
CPEs		cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.1::el7
Vendors & Products		Redhat jboss Enterprise Application Platform Eus

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-01-29T20:33:17.000Z

Updated: 2025-07-01T18:01:08.474Z

Reserved: 2020-01-29T00:00:00.000Z

Link: CVE-2019-20444

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-01-29T21:15:11.047

Modified: 2025-07-01T18:15:23.387

Link: CVE-2019-20444

Redhat

Severity : Important

Publid Date: 2020-01-29T00:00:00Z

Links: CVE-2019-20444 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object