Security Bulletin: Due to use of Netty, IBM Operations Analytics - Log Analysis is affected by denial of service, information disclosure, and HTTP request smuggling

Summary Netty in Apache ZooKeeper and Logstash is used by IBM Operations Analytics - Log Analysis as part of the client/server network transport layer, and network-related plugins for protocol and event transport. CVE-2014-0193, CVE-2014-3488, CVE-2015-2156, CVE-2019-20444, CVE-2024-47535,...

[SECURITY] [DLA 2110-1] netty-3.9 security update

Package : netty-3.9 Version : 3.9.0.Final-1+deb8u1 CVE ID : CVE-2014-0193 CVE-2014-3488 CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 Debian Bug : 746639 941266 950966 950967 Several vulnerabilities were discovered in Netty, a Java NIO client/server socket framework: CVE-2014-0193...

Security Bulletin: Rational Integration Tester component in Rational Test Workbench affected by Netty vulnerability (CVE-2014-3488)

Summary The Netty library is vulnerable affecting the Rational Integration Tester component in IBM Rational Test Workbench. Vulnerability Details CVE ID: CVE-2014-3488 Description: Netty is vulnerable to a denial of service, caused by an error in SslHandler. A remote attacker could exploit this...

CVE-2014-3488

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a crafted SSLv2Hello message...

CVE-2014-3488

Netty CVE-2014-3488: The SslHandler in Netty before 3.9.2 is vulnerable to a remote DoS via a crafted SSLv2Hello message that can cause an infinite loop and high CPU usage. Affected are Netty 3.9.x predecessors up to 3.9.2. Remediation: upgrade to Netty 3.9.2.Final or later (as noted in advisorie...