Lucene search
K

53 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 5:55 p.m.13 views

Security Bulletin: Due to use of Netty, IBM Operations Analytics - Log Analysis is affected by denial of service, information disclosure, and HTTP request smuggling

Summary Netty in Apache ZooKeeper and Logstash is used by IBM Operations Analytics - Log Analysis as part of the client/server network transport layer, and network-related plugins for protocol and event transport. CVE-2014-0193, CVE-2014-3488, CVE-2015-2156, CVE-2019-20444, CVE-2024-47535,...

9.1CVSS6.8AI score0.08914EPSS
Exploits5Affected Software1
Chainguard
Chainguard
added 2025/03/24 10:12 p.m.28 views

CVE-2019-20444 vulnerabilities

Vulnerabilities for packages: druid...

9.1CVSS6.9AI score0.08914EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/25 7:6 p.m.40 views

Security Bulletin: Vulnerabilities in Netty affect IBM watsonx.data

Summary Netty is vulnerable to HTTP request smuggling and weaker than expected security. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a...

9.1CVSS9.1AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/03 8:5 p.m.30 views

Security Bulletin: Vulnerabilities in Netty affect watsonx.data

Summary Netty is vulnerable to HTTP request smuggling, to remote attacks causing weaker than expected security, and to denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw...

9.1CVSS8.5AI score0.13474EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/26 12:0 a.m.38 views

RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.7 on RHEL 7 (RHSA-2024:5856)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5856 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...

9.8CVSS8.4AI score0.87806EPSS
Exploits17References47
IBM Security Bulletins
IBM Security Bulletins
added 2023/04/03 5:3 p.m.62 views

Security Bulletin: Netty Vulnerabilites 4.0.37

Summary Netty could provide various potential exploitable entry points including weaker than expected security, netty-codec is vulnerable to a denial of service, and HTTP request smuggling Vulnerability Details CVEID:CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, cause...

9.1CVSS8.2AI score0.18891EPSS
Exploits5Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.33 views

K14752415: Netty vulnerability CVE-2019-20444

Security Advisory Description HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."CVE-2019-20444 Impact This vulnerability may result in HTTP...

9.1CVSS7.3AI score0.08914EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/23 12:0 a.m.57 views

RHEL 6 / 7 / 8 : AMQ Clients 2.6.0 Release (Important) (RHSA-2020:0601)

The remote Redhat Enterprise Linux 6 / 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0601 advisory. Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Brok...

9.1CVSS7.2AI score0.13474EPSS
Exploits3References26
IBM Security Bulletins
IBM Security Bulletins
added 2022/11/03 8:43 a.m.48 views

Security Bulletin: Vulnerability in Netty shipped with IBM Operations Analytics - Log Analysis (CVE-2019-20444)

Summary Netty prior to version 4.1.44 is vulnerable to HTTP request smuggling. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafted request, an attacker could exploit...

9.1CVSS8.9AI score0.08914EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/06 12:30 p.m.49 views

Security Bulletin: IBM Security Guardium Insights is affected by Components with known vulnerabilities

Summary IBM Security Guardium Insights has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual whitespaces before the colon in HTTP headers. By sending a...

9.1CVSS0.6AI score0.13474EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/10/05 9:5 p.m.47 views

Security Bulletin: Netty Vulnerabilities Affect the B2B API of IBM Sterling B2B Integrator

Summary IBM Sterling B2B Integrator has addressed the security vulnerabilities. Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote...

9.1CVSS0.7AI score0.18891EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/04/06 12:0 a.m.239 views

Debian DSA-4885-1 : netty - security update

Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

9.1CVSS6.4AI score0.18891EPSS
Exploits4References10
OpenVAS
OpenVAS
added 2020/10/28 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-4600-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS8.6AI score0.13474EPSS
Exploits4References2
OSV
OSV
added 2020/10/27 1:40 p.m.4 views

USN-4600-2 netty vulnerabilities

USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it was discovered that Netty allow for unbounded memory allocation. A remote attacker could send a large stream to the Netty server causing it to...

9.1CVSS6.9AI score0.13474EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2020/10/27 12:0 a.m.48 views

Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4600-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4600-2 advisory. USN-4600-1 fixed multiple vunerabilities in Netty 3.9. This update provides the corresponding fixes for CVE-2019-20444, CVE-2019-20445 for Netty. Also it...

9.1CVSS7.1AI score0.13474EPSS
Exploits2References4
Ubuntu
Ubuntu
added 2020/10/22 6:26 p.m.100 views

USN-4600-1: Netty vulnerabilities

It was discovered that Netty had HTTP request smuggling vulnerabilities. A remote attacker could used it to extract sensitive information. CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2020-7238...

9.1CVSS7AI score0.13474EPSS
Exploits4
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/09 7:48 p.m.25 views

Security Bulletin: IBM Security Guardium Insights is affected by a Netty vulnerability

Summary IBM Security Guardium Insights has addressed the following vulnerability Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remot...

9.1CVSS0.6AI score0.13474EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/27 5:34 p.m.53 views

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - Netty (CVE-2019-20445, CVE-2019-20444)

Summary Security vulnerabilities affect IBM Cloud Private Vulnerability Details CVEID: CVE-2019-20445 DESCRIPTION: Netty could provide weaker than expected security, caused by non-proper handling of Content-Length and Transfer-Encoding in the HttpObjectDecoder.java. A remote attacker could exploi...

9.1CVSS0.4AI score0.13474EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2020/09/23 12:0 a.m.43 views

Ubuntu 18.04 LTS : Netty vulnerabilities (USN-4532-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4532-1 advisory. It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker coul...

9.1CVSS7.2AI score0.13474EPSS
Exploits3References4
Ubuntu
Ubuntu
added 2020/09/22 4:15 p.m.90 views

USN-4532-1: Netty vulnerabilities

It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. CVE-2019-16869 It was discovered that Netty incorrectly handled certain...

9.1CVSS7.1AI score0.13474EPSS
Exploits3
Rows per page
Query Builder