Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/19 2:46 p.m.5 views

Security Bulletin: IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) is affected by a HTTP Request Smullging Vulnerability in Netty (CVE-2026-33870)

Summary Netty is used by IBM DevOps Deploy / IBM UrbanCode Deploy UCD as part of the Server/Agent/Relay communication system. CVE-2026-33870. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to...

7.5CVSS5.9AI score0.0064EPSS
Exploits1Affected Software1
OSV
OSV
added 2026/05/18 1:45 p.m.10 views

CLEANSTART-2026-IE61882 Security fixes for CVE-2026-33870, ghsa-72hv-8253-57qq, ghsa-pwqr-wmgm-9rr8 applied in versions: 2.19.5-r0

Multiple security vulnerabilities affect the opensearch package. These issues are resolved in later releases. See references for individual vulnerability details...

7.5CVSS5.8AI score0.0064EPSS
Exploits1References5
OSV
OSV
added 2026/05/18 1:35 p.m.13 views

CLEANSTART-2026-DV49899 Security fixes for CVE-2024-45993, CVE-2025-31344, CVE-2025-48924, CVE-2026-26740, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33210, CVE-2026-33810, CVE-2026-33870, ghsa-33mh-2634-fwr2, ghsa-3m6g-2423-7cp3, ghsa-72hv-8253-57qq, ghsa-j288-q9x7-2f5v, ghsa-j4pr-3wm6-xx2r, ghsa-pwqr-wmgm-9rr8, ghsa-wx95-c6cv-8532 applied in versions: 9.3.0-r1, 9.3.0-r2, 9.3.1-r0, 9.3.2-r0

Multiple security vulnerabilities affect the logstash-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS6.8AI score0.02164EPSS
Exploits2References28
RedHat Linux
RedHat Linux
added 2026/05/18 12:24 p.m.18 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.6 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.1 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.9CVSS7.2AI score0.10629EPSS
Exploits6References46
IBM Security Bulletins
IBM Security Bulletins
added 2026/05/11 7:46 a.m.13 views

Security Bulletin: IBM App Connect for Manufacturing is vulnerable to multiple vulnerabilities due to Netty and jackson-core (CVE-2026-33870, WS-2026-003)

Summary IBM App Connect for Manufacturing is vulnerable to a request smuggling attack and a Denial of Service attack due to Netty and jackson-core. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to...

7.5CVSS6.8AI score0.0064EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2026/05/06 5:58 p.m.18 views

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.13.5 release and security update

Red Hat AMQ Broker 7.13.5 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.3CVSS7.1AI score0.01146EPSS
Exploits2References11
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/28 10:37 p.m.8 views

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in netty-codec-http-4.1.129.Final.jar

Summary IBM Watson Discovery Cartridge affected by vulnerability in netty-codec-http-4.1.129.Final.jar Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrect...

7.5CVSS8.2AI score0.0064EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/17 6:51 p.m.14 views

Security Bulletin: DevOps Test Performance contains a vulnerability related to use of the Netty framework

Summary Due to use of the Netty framework, DevOps Test Performance and Rational Performance Tester contain a potential HTTP request smuggling vulnerability. Vulnerability Details CVEID:CVE-2026-33870 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. In versions...

7.5CVSS5.7AI score0.0064EPSS
Exploits1Affected Software1
SUSE Linux
SUSE Linux
added 2026/04/15 1:37 p.m.6 views

Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues: Upidate to 4.1.132: CVE-2026-33870: incorrectly parses quoted strings in HTTP/1.1 can lead to request smuggling bsc1261031. CVE-2026-33871: sending a flood of CONTINUATION frames can lead to a denial of service bsc1261043. Changelo...

8.7CVSS5.9AI score0.01125EPSS
Exploits1References8
OSV
OSV
added 2026/04/15 1:37 p.m.3 views

SUSE-SU-2026:1353-1 Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues: Upidate to 4.1.132: - CVE-2026-33870: incorrectly parses quoted strings in HTTP/1.1 can lead to request smuggling bsc1261031. - CVE-2026-33871: sending a flood of CONTINUATION frames can lead to a denial of service bsc1261043...

8.7CVSS5.9AI score0.01125EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/04/14 5:20 p.m.6 views

Important: Red Hat Security Advisory: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available (RHBQ 3.27.3.GA)

An update for Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 update is now available RHBQ 3.27.3.GA. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. An update for Red H...

8.7CVSS5.8AI score0.01125EPSS
Exploits2References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/01 12:0 a.m.6 views

netty-4.1.132-1.1 on GA media (moderate)

netty-4.1.132-1.1 on GA media Announcement ID: openSUSE-SU-2026:10463-1 Rating: moderate Cross-References: CVE-2026-33870 CVE-2026-33871 CVSS scores: CVE-2026-33870 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2026-33870 SUSE : 8.7...

8.7CVSS5.9AI score0.01125EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/03/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-33870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strin...

7.5CVSS6.6AI score0.0064EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2026/03/26 6:48 p.m.13 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2093 more potentially affected by CVE-2026-33870 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.11.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =0.3.0 - ai.tock:bot-test =26.3.0 - ai.tock:bot-test-base =26.3.0 - ai.tock:bot-toolkit =26.3.0 - ai.tock:bot-toolkit-base =26.3.0 - ai.tock:tock-analytics-chatbase =26.3.0 - ai.tock:tock-aws-tools =26.3.0 -...

7.5CVSS6.5AI score0.0064EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/03/26 6:48 p.m.20 views

ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +23656 more potentially affected by CVE-2026-33870 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.131.Final)

io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...

7.5CVSS6.5AI score0.0064EPSS
Exploits1
Rows per page
Query Builder