Lucene search
K

8 matches found

NVD
NVD
added 2026/06/12 4:16 p.m.17 views

CVE-2026-48006

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate...

8.7CVSS0.00489EPSS
Exploits0References6
CVE
CVE
added 2026/06/12 2:36 p.m.59 views

CVE-2026-48006

Summary : CVE-2026-48006 relates to Netty’s RedisArrayAggregator leaking pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. This occurs prior to Netty versions 4.1.135.Final and 4.2.15.Final . Root cause : The RedisArrayAggregator retains...

8.7CVSS5.3AI score0.00489EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/12 2:36 p.m.12 views

CVE-2026-48006 Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate...

8.7CVSS5.3AI score0.00489EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 2:36 p.m.29 views

CVE-2026-48006 Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate...

8.7CVSS0.00489EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/12 2:36 p.m.15 views

EUVD-2026-36492

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate...

8.7CVSS5.3AI score0.00489EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/06/11 1:26 p.m.13 views

Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Impact The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state depths field but defines no channelInactive, handlerRemoved, or...

8.7CVSS5.5AI score0.00489EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/06/11 1:26 p.m.9 views

GHSA-6JV9-X5W9-2CCM Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator

Impact The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state depths field but defines no channelInactive, handlerRemoved, or...

8.7CVSS5.5AI score0.00489EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.19 views

PT-2026-48682

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.135.Final Netty versions prior to 4.2.15.Final Description The RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate...

8.7CVSS5.3AI score0.00489EPSS
Exploits0References25
Rows per page
Query Builder