Lucene search
K

21 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/04 7:57 a.m.13 views

Security Bulletin: A vulnerability has been identified in the Netty framework used by IBM DevOps Plan (CVE-2025-58057)

Summary A vulnerability has been identified in the Netty framework used by IBM DevOps Plan. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients...

7.5CVSS5.7AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/06 5:55 p.m.13 views

Security Bulletin: Due to use of Netty, IBM Operations Analytics - Log Analysis is affected by denial of service, information disclosure, and HTTP request smuggling

Summary Netty in Apache ZooKeeper and Logstash is used by IBM Operations Analytics - Log Analysis as part of the client/server network transport layer, and network-related plugins for protocol and event transport. CVE-2014-0193, CVE-2014-3488, CVE-2015-2156, CVE-2019-20444, CVE-2024-47535,...

9.1CVSS6.8AI score0.08914EPSS
Exploits5Affected Software1
Debian
Debian
added 2026/03/11 10:20 p.m.14 views

[SECURITY] [DSA 6160-1] netty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6160-1 [email protected] https://www.debian.org/security/ Markus Koschany March 11, 2026 https://www.debian.org/security/faq -...

8.2CVSS5.8AI score0.01617EPSS
Exploits5
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:17 p.m.9 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58056, CVE-2025-58057, CVE-2025-67735)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58056, CVE-2025-58057, CVE-2025-67735. The vulnerabilities have been addressed. Vulnerabilit...

7.5CVSS5.4AI score0.00631EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/24 7:15 p.m.6 views

Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58057)

Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58057. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-58057...

7.5CVSS5.4AI score0.00561EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.3 views

Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.28 / 10.3.x < 10.3.11 / 11.0.x < 11.1.0 (JSDSERVER-16412)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16412 advisory. - Netty is an asynchronous event-driven network application framework for rapid development of...

7.5CVSS5.9AI score0.00561EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/16 9:20 a.m.8 views

Security Bulletin: Vulnerability in Netty affects IBM Netezza Appliance

Summary The Netty package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-58057 Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high...

7.5CVSS7.2AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/02 5:43 p.m.7 views

Security Bulletin: Rational Performance Tester contains a vulnerability related to use of the Netty framework

Summary Due to the use of Netty, Rational Performance Tester contains a vulnerability which could result in an Out of Memory OOM condition. CVE-2025-58057 Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid...

7.5CVSS6.5AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/02 5:37 p.m.7 views

Security Bulletin: Rational Performance Tester contains vulnerabilities related to the Netty framework

Summary Due to the use of Netty, Rational Performance Tester contains vulnerabilities that could allow HTTP request smuggling or a denial of service attack. CVE-2025-58056, CVE-2025-58057 Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network...

7.5CVSS6.6AI score0.00631EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2025/12/10 12:0 a.m.2 views

Ubuntu: Security Advisory (USN-7918-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.00631EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/09 4:54 a.m.8 views

Security Bulletin: Netty Affected by Decompression Flaw Where BrotliDecoder Allocates Unlimited Buffers, Enabling DoS, affects watsonx.data

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially...

7.5CVSS6.5AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/14 8:49 p.m.8 views

Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics Advanced Certified Containers

Summary Multiple vulnerabilities were addressed in IBM Planning Analytics Advanced Certified Containers 3.1.2. Vulnerability Details CVEID:CVE-2025-23166 DESCRIPTION: The C++ method SignTraits::DeriveBits may incorrectly call ThrowException based on user-supplied inputs when executing in a...

8CVSS6.5AI score0.00763EPSS
Exploits3Affected Software5
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/14 3:50 p.m.5 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to denial of service due to the netty package (CVE-2025-58057)

Summary Netty is used by DataStage on Cloud Pak for Data as part of the request processing functionality. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol...

7.5CVSS6.5AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/10 7:12 a.m.2 views

Security Bulletin: There is a vulnerability in netty-codec-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-58057)

Summary There is a vulnerability in netty-codec-4.1.115.Final.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainabl...

7.5CVSS6.4AI score0.00561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/03 6:4 p.m.6 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Netty codec (CVE-2025-58057)

Summary A vulnerability in Netty codec that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol serve...

7.5CVSS6.2AI score0.00561EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2025/10/14 1:1 p.m.5 views

Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 3.20.3 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...

7.5CVSS6.6AI score0.00631EPSS
Exploits2References32
OpenVAS
OpenVAS
added 2025/09/11 12:0 a.m.4 views

SUSE: Security Advisory (SUSE-SU-2025:03114-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS6.8AI score0.00979EPSS
Exploits3References6
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : netty, netty-tcnative (SUSE-SU-2025:03114-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03114-1 advisory. Upgrade to upstream version 4.1.126. Security issues fixed: - CVE-2025-58057: decompression...

8.2CVSS7.1AI score0.00979EPSS
Exploits3References10
OSV
OSV
added 2025/09/09 10:35 a.m.4 views

SUSE-SU-2025:03114-1 Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues: Upgrade to upstream version 4.1.126. Security issues fixed: - CVE-2025-58057: decompression codecs allocating a large number of buffers after processing specially crafted input can cause a denial of service bsc1249134. -...

8.2CVSS7AI score0.00979EPSS
Exploits3References7
vulnersOsv
vulnersOsv
added 2025/09/03 6:0 p.m.7 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +4576 more potentially affected by CVE-2025-58057 via io.netty:netty-codec-compression (>=4.2.0.Alpha3 <=4.2.4.Final)

io.netty:netty-codec-compression MAVEN version =4.2.0.Alpha3, =0.1.0, =0.1.0, =4.7.4, =4.7.4, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =4.7.3, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2025-58057 Source advisory: OSV:GHSA-3P8M-J85Q-PGMJ...

7.5CVSS6.6AI score0.00561EPSS
Exploits1
Rows per page
Query Builder