2020-04-06 14:08:48
snyk
PUBLISHED
This affects the package io.jooby:jooby-netty before 1.6.9, from 2.0.0 and before 2.2.1. The DefaultHttpHeaders is set to false which means it does not validates that the header isnt being abused for HTTP Response Splitting.