When netty’s multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled (CVE-2021-21290).

OSVersionArchitecturePackageVersionFilename
Mageia8noarchnetty< 4.1.51-1.1netty-4.1.51-1.1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	netty	< 4.1.51-1.1	netty-4.1.51-1.1.mga8

References

bugs.mageia.org/show_bug.cgi?id=28446

github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2

cvelist 2

osv 8

cve 2

veracode 2

nessus 17

prion 2

ubuntucve 2

debian 2

openvas 5

redhatcve 2

redhat 20

ibm 23

debiancve 2

github 2

suse 1

ubuntu 1

rocky 1

oracle 6

cvelist

CVE-2021-21290 Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files

2021-02-08 20:10:16

CVE-2022-24823 Local Information Disclosure Vulnerability in io.netty:netty-codec-http

2022-05-06 12:05:11

osv

netty - security update

2021-02-11 00:00:00

CVE-2021-21290

2021-02-08 20:15:12

CVE-2022-24823

2022-05-06 12:15:08

cve

CVE-2021-21290

2021-02-08 20:15:00

CVE-2022-24823

2022-05-06 12:15:00

veracode

Information Disclosure

2021-02-09 08:36:03

Information Disclosure

2022-05-09 05:01:24

nessus

Debian DLA-2555-1 : netty security update

2021-02-12 00:00:00

RHEL 7 : Satellite 6.10.2 Async Bug Fix Update (Moderate) (RHSA-2022:0190)

2022-01-20 00:00:00

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.3.7 security update on RHEL 6 (Moderate) (RHSA-2021:2046)

2021-05-20 00:00:00

prion

Design/Logic Flaw

2021-02-08 20:15:00

Information disclosure

2022-05-06 12:15:00

ubuntucve

CVE-2021-21290

2021-02-08 00:00:00

CVE-2022-24823

2022-05-06 00:00:00

debian

[SECURITY] [DLA 2555-1] netty security update

2021-02-11 13:02:55

[SECURITY] [DSA 4885-1] netty security update

2021-04-05 19:06:39

openvas

Mageia: Security Advisory (MGASA-2021-0136)

2022-01-28 00:00:00

Debian: Security Advisory (DLA-2555-1)

2021-02-12 00:00:00

openSUSE: Security Advisory for netty (SUSE-SU-2022:1271-1)

2022-04-21 00:00:00

redhatcve

CVE-2021-21290

2022-04-30 13:13:33

CVE-2022-24823

2022-05-17 15:01:10

redhat

(RHSA-2022:0190) Moderate: Satellite 6.10.2 Async Bug Fix Update

2022-01-19 14:32:50

(RHSA-2021:0943) Moderate: Red Hat build of Eclipse Vert.x 4.0.3 security update

2021-03-31 09:34:13

(RHSA-2021:0986) Low: AMQ Online 1.7.0 release and security update

2021-03-25 09:39:47

ibm

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty

2021-10-01 06:17:12

Security Bulletin: Vulnerability in Netty affects IBM Cloud Private (CVE-2021-21290)

2022-01-04 20:24:25

Security Bulletin: Netty Vulnerability Affects IBM Watson Machine Learning on CP4D ( CVE-2021-21290)

2021-07-15 14:42:02

debiancve

CVE-2021-21290

2021-02-08 20:15:00

CVE-2022-24823

2022-05-06 12:15:00

github

Local Information Disclosure Vulnerability in io.netty:netty-codec-http

2022-05-10 08:46:50

Local Information Disclosure Vulnerability in Netty on Unix-Like systems

2021-02-08 21:17:48

suse

Security update for netty (important)

2022-04-20 00:00:00

ubuntu

Netty vulnerabilities

2023-04-28 00:00:00

rocky

Satellite 6.11 Release

2022-07-05 13:55:16

oracle

Oracle Critical Patch Update Advisory - January 2023

2023-01-17 00:00:00

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

Oracle Critical Patch Update Advisory - July 2021

2021-07-20 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.0004 Low

EPSS

Percentile

13.0%

JSON

Related for MGASA-2021-0136