https://bugzilla.redhat.com/show_bug.cgi?id=1944888
--- Comment #4 from RaTasha Tillery-Smith rtillery@redhat.com --- Statement:
Red Hat Satellite ships a vulnerable Netty version embedded in Candlepin. However, it is not directly vulnerable since the HTTP requests are handled by Tomcat and not by Netty.