Lucene search
K

24 matches found

Debian
Debian
added 2026/03/11 10:20 p.m.14 views

[SECURITY] [DSA 6160-1] netty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6160-1 [email protected] https://www.debian.org/security/ Markus Koschany March 11, 2026 https://www.debian.org/security/faq -...

8.2CVSS5.8AI score0.01617EPSS
Exploits5
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/27 9:44 a.m.10 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "org.apache.cxfcxf-core 3.6.7, io.nettynetty-codec-http 4.1.124.Final , github.com/golang-jwt/jwt/v4 v4.5.0" which are vulnerable to "CVE-2025-48913, CVE-2025-58056, CVE-2024-51744". This bulletin contains information regarding the vulnerabilities and how...

9.8CVSS7AI score0.00739EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:17 p.m.9 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58056, CVE-2025-58057, CVE-2025-67735)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58056, CVE-2025-58057, CVE-2025-67735. The vulnerabilities have been addressed. Vulnerabilit...

7.5CVSS5.4AI score0.00631EPSS
Exploits3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.10 views

Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.28 / 10.3.x < 10.3.11 / 11.0.x < 11.1.0 (JSDSERVER-16413)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16413 advisory. - Netty is an asynchronous event-driven network application framework for development of maintainable...

7.5CVSS5.5AI score0.00631EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 4:59 a.m.8 views

Security Bulletin: Vulnerabilities in Netty affects IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is a...

7.5CVSS6.3AI score0.00631EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/02 5:37 p.m.7 views

Security Bulletin: Rational Performance Tester contains vulnerabilities related to the Netty framework

Summary Due to the use of Netty, Rational Performance Tester contains vulnerabilities that could allow HTTP request smuggling or a denial of service attack. CVE-2025-58056, CVE-2025-58057 Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network...

7.5CVSS6.6AI score0.00631EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2025/12/10 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-7918-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.00631EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2025/11/25 2:9 a.m.11 views

Moderate: Red Hat Security Advisory: Red Hat build of Cryostat 4.1.0: new RHEL 9 container image security update

New Red Hat build of Cryostat 4.1.0 on RHEL 9 container images are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS6.7AI score0.00631EPSS
Exploits1References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/10 7:11 a.m.4 views

Security Bulletin: There is a vulnerability in netty-codec-http-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-58056)

Summary There is a vulnerability in netty-codec-http-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable...

7.5CVSS6.4AI score0.00631EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2025/10/15 9:14 a.m.9 views

Moderate: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available (RHBQ 3.20.3.GA)

An update for Red Hat Build of Apache Camel 4.10 for Quarkus 3.20 update is now available RHBQ 3.20.3.GA. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Red Hat Product...

7.5CVSS6.6AI score0.00631EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2025/10/14 1:1 p.m.4 views

Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 3.20.3 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...

7.5CVSS6.6AI score0.00631EPSS
Exploits2References32
RedHat Linux
RedHat Linux
added 2025/10/08 2:48 p.m.5 views

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.13.2 release and security update

Red Hat AMQ Broker 7.13.2 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.7CVSS6.9AI score0.08594EPSS
Exploits3References16
Tenable Nessus
Tenable Nessus
added 2025/10/02 12:0 a.m.8 views

RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0.9 (RHSA-2025:17317)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17317 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...

9.8CVSS7AI score0.00979EPSS
Exploits2References20
OpenVAS
OpenVAS
added 2025/09/11 12:0 a.m.4 views

SUSE: Security Advisory (SUSE-SU-2025:03114-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.8AI score0.00979EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : netty, netty-tcnative (SUSE-SU-2025:03114-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03114-1 advisory. Upgrade to upstream version 4.1.126. Security issues fixed: - CVE-2025-58057: decompression...

8.2CVSS7.1AI score0.00979EPSS
Exploits3References10
OSV
OSV
added 2025/09/09 10:35 a.m.4 views

SUSE-SU-2025:03114-1 Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues: Upgrade to upstream version 4.1.126. Security issues fixed: - CVE-2025-58057: decompression codecs allocating a large number of buffers after processing specially crafted input can cause a denial of service bsc1249134. -...

8.2CVSS7AI score0.00979EPSS
Exploits3References7
Wolfi
Wolfi
added 2025/09/06 2:36 p.m.6 views

CVE-2025-58056 vulnerabilities

Vulnerabilities for packages: flyway, strimzi-kafka-operator, docker-selenium, sonarqube, tez, druid, trino, kserve-modelmesh, apicurio-registry, celeborn, zipkin, logstash, apache-activemq-artemis, spark, thingsboard, apache-pulsar, keycloak, keycloak-operator, wildfly, wavefront-proxy, selenium...

7.5CVSS6.7AI score0.00631EPSS
Exploits1
Chainguard
Chainguard
added 2025/09/06 1:59 p.m.11 views

CVE-2025-58056 vulnerabilities

Vulnerabilities for packages: spark, hadoop-fips, grpc-java-fips, apache-pulsar, camunda-zeebe, kayenta, keycloak-fips, kayenta-fips, apache-nifi, keycloak, keycloak-operator-fips, debezium-connector-vitess, neo4j, kserve-modelmesh, druid, logstash, management-api-for-apache-cassandra-4.1,...

7.5CVSS6.7AI score0.00631EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/09/06 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-58056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions...

7.5CVSS6.8AI score0.00631EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2025/09/04 5:35 p.m.7 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +3799 more potentially affected by CVE-2025-58056 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.4.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2025-58056 Source advisory: OSV:GHSA-FGHV-69VJ-QJ49...

7.5CVSS6.6AI score0.00631EPSS
Exploits1
Rows per page
Query Builder