CVE-2024-40642 | netty-incubator-codec-ohttp up to 0.0.12 HTTP Protocol readRequestHead server-side request forgery (GHSA-q8f2-hxq5-cp4h)

Inserito da Angelo Barbosa | Lug 19, 2024 | CVE

A vulnerability, which was classified as critical, was found in netty-incubator-codec-ohttp up to 0.0.12. Affected is the function readRequestHead of the component HTTP Protocol Handler. The manipulation leads to server-side request forgery.

This vulnerability is traded as CVE-2024-40642. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-40642 | netty-incubator-codec-ohttp up to 0.0.12 HTTP Protocol readRequestHead server-side request forgery (GHSA-q8f2-hxq5-cp4h)

Post correlati

CVE-2024-8665 | YITH Custom Login Plugin up to 1.7.3 on WordPress cross site scripting

CVE-2021-47086 | Linux Kernel up to 5.15.11 phonet ioctl information disclosure

UserPro Plugin userpro_save_userdata cross-site request forgery

CVE-2024-0264 | SourceCodester Clinic Queuing System 1.0 /LoginRegistration.php formToken authorization