189 matches found

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-28583

Malicious code in bioql PyPI...

CVSS 8.2 | AI score 5.7 | EPSS 0.0095
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-0832

Malicious code in bioql PyPI...

CVSS 5.3 | AI score 6.4 | EPSS 0.0138
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2022-1918

Malicious code in bioql PyPI...

CVSS 5.5 | AI score 6.3 | EPSS 0.01032
Exploits: 1 | References: 17

Veracode
added 2025/09/30 1:54 p.m. | 4 views

Denial Of Service (DoS)

Netty is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of malformed HTTP/2 control frames due to a flaw in enforcing the max concurrent streams limit, leading to resource exhaustion and denial of service...

CVSS 8.2 | AI score 6.7 | EPSS 0.0095
Exploits: 1 | References: 7 | Affected Software: 2

OSV
added 2025/09/12 2:26 p.m. | 9 views

OESA-2025-2286 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers clients. %package help Summary: Documents for Buildarch: noarch Requires: man info Provides: -javadoc = - Obsoletes: -javadoc - %description help Man pages a...

CVSS 5.5 | AI score 7.1 | EPSS 0.01032
Exploits: 1 | References: 2

Tenable Nessus
added 2025/09/06 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-58057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In...

CVSS 7.5 | AI score 6.7 | EPSS 0.00561
Exploits: 1 | References: 2

RedhatCVE
added 2025/09/05 9:31 p.m. | 2 views

CVE-2025-58056

A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...

CVSS 7.5 | AI score 6.3 | EPSS 0.00631
Exploits: 1 | References: 10

OSV
added 2025/09/05 12:42 p.m. | 2 views

OESA-2025-2150 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers clients. %package help Summary: Documents for Buildarch: noarch Requires: man info Provides: -javadoc = - Obsoletes: -javadoc - %description help Man pages a...

CVSS 5.5 | AI score 9 | EPSS 0.01032
Exploits: 1 | References: 2

OSV
added 2025/09/04 10:42 a.m. | 1 view

UBUNTU-CVE-2025-58057

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

CVSS 7.5 | AI score 6.7 | EPSS 0.00561
Exploits: 1 | References: 6

NVD
added 2025/09/03 9:15 p.m. | 2 views

CVE-2025-58056

Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts standalone newline characters LF as a chunk-size line...

CVSS 7.5 | EPSS 0.00631
Exploits: 1 | References: 7

OSV
added 2025/09/03 9:15 p.m. | 0 views

UBUNTU-CVE-2025-58056

Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts standalone newline characters LF as a chunk-size line...

CVSS 7.5 | AI score 6.7 | EPSS 0.00631
Exploits: 1 | References: 10

CVE
added 2025/09/03 8:56 p.m. | 81 views

CVE-2025-58056

The CVE-2025-58056 vulnerability in Netty (affecting 4.1.124.Final and 4.2.0.Alpha3 through 4.2.4.Final) allows HTTP request smuggling when a reverse proxy treats LF as a chunk-size terminator, bypassing CRLF requirements. Netty requires CRLF per HTTP/1.1, but due to LF handling, a proxy can send...

CVSS 7.5 | AI score 6.3 | EPSS 0.00631
Exploits: 1 | References: 7 | Affected Software: 1

CNNVD
added 2025/09/03 12:0 a.m. | 1 view

Netty environment issue vulnerability

Netty is a non-blocking I/O client-server framework from the Netty community that is primarily used to develop Java web applications such as protocol servers and clients. An environment issue vulnerability exists in Netty versions 4.1.124.Final and 4.2.0.Alpha3 through 4.2.4.Final, which stems fr...

CVSS 7.5 | AI score 4.2 | EPSS 0.00631
Exploits: 1 | References: 8

RedhatCVE
added 2025/08/15 2:20 p.m. | 8 views

CVE-2025-55163

A flaw was found in Netty where malformed client requests can trigger server-side stream resets without triggering abuse counters. This issue, referred to as the "MadeYouReset" attack, allows malicious clients to induce excessive server workload by repeatedly causing server-side stream aborts...

CVSS 8.2 | AI score 5.9 | EPSS 0.0095
Exploits: 1 | References: 5

OSV
added 2025/08/13 3:15 p.m. | 1 view

DEBIAN-CVE-2025-55163

Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent...

CVSS 7.5 | AI score 6.4 | EPSS 0.0095
Exploits: 1 | References: 1

Cvelist
added 2025/08/13 2:17 p.m. | 7 views

CVE-2025-55163 Netty MadeYouReset HTTP/2 DDoS Vulnerability

Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol, that uses malformed HTTP/2 control frames in order to break the max concurrent...

CVSS 8.2 | EPSS 0.0095
Exploits: 1 | References: 1

Positive Technologies
added 2025/08/13 12:0 a.m. | 10 views

PT-2025-32984

Name of the Vulnerable Software and Affected Versions AMPHP affected versions not specified Apache Tomcat affected versions not specified Eclipse Foundation affected versions not specified F5 affected versions not specified Fastly affected versions not specified gRPC affected versions not specifi...

CVSS 7.8 | AI score 6 | EPSS 0.06887
Exploits: 3 | References: 114

IBM Security Bulletins
added 2025/08/04 6:36 a.m. | 6 views

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2025-25193)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera, and...

CVSS 5.5 | AI score 7.1 | EPSS 0.00357
Exploits: 0 | Affected Software: 11

IBM Security Bulletins
added 2025/07/03 10:12 a.m. | 4 views

Security Bulletin: Multiple Vulnerabilities in IBM Event Processing

Summary Multiple vulnerabilities were addressed in IBM Event Processing version 1.4.1 Vulnerability Details CVEID:CVE-2025-27789 DESCRIPTION: Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression...

CVSS 6.2 | AI score 8.7 | EPSS 0.00478
Exploits: 1 | Affected Software: 1

IBM Security Bulletins
added 2025/06/30 3:48 p.m. | 6 views

Security Bulletin: An unsafe reading of environment file could potentially cause a denial of service in Netty, affecting watsonx.data

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. These could affect watsonx.data. Vulnerability...

CVSS 5.5 | AI score 6.7 | EPSS 0.00408
Exploits: 1 | Affected Software: 1