The content-length header is not correctly validated if the request only use a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1
This is a followup of https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj which did miss to fix this one case.
This was fixed as part of 4.1.61.Final
Validation can be done by the user before proxy the request by validating the header.
{ "nvd_published_at": "2021-03-30T15:15:00Z", "cwe_ids": [ "CWE-444" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2021-03-30T15:03:26Z" }