Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2025/11/18 5:2 p.m.3 views

Security Bulletin: Netty Decompression Decoders Allow Unbounded Buffer Allocation Leading to DoS (Fixed in 4.1.125/4.2.5)

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially...

7.5CVSS6.5AI score0.00063EPSS
Exploits1Affected Software1
Veracode
Veracodeadded 2025/09/29 7:40 p.m.4 views

Denial Of Service (DoS)

Netty is vulnerable to Denial Of Service DoS. The vulnerability is due to the BrotliDecoder and certain decompression decoders allocating a large number of reachable byte buffers when processing specially crafted input, eventually leading to out-of-memory conditions...

7.5CVSS7AI score0.00063EPSS
Exploits1References4Affected Software4
CNNVD
CNNVDadded 2025/09/04 12:0 a.m.1 views

Netty 安全漏洞

Netty is a non-blocking I/O client-server framework from the Netty community, which is primarily used for developing Java web applications such as protocol servers and clients. A security vulnerability exists in Netty versions 4.1.124.Final and earlier and 4.2.4.Final and earlier, which stems fro...

7.5CVSS5.3AI score0.00063EPSS
Exploits1References6
Rows per page
Query Builder