Lucene search

K
osvGoogleOSV:GHSA-7VPQ-G998-QPV7
HistoryMay 13, 2022 - 1:54 a.m.

Netty denial of service vulnerability

2022-05-1301:54:02
Google
osv.dev
11

0.058 Low

EPSS

Percentile

93.4%

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.

References

0.058 Low

EPSS

Percentile

93.4%