
25 matches found

AstraLinux
added 2026/05/20 5:53 a.m. | views: 2

Astra Linux - vulnerability in netty

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high-performance protocol servers and clients. In Netty-Codec-Compression versions 4.1.124.Final and below, as well as Netty-Codec versions 4.2.4.Final and below, when supplied with specially...

CVSS 7.5 | AI score 6.2 | EPSS 0.00063
Exploits: 1 | References: 2

IBM Security Bulletins
added 2026/03/19 1:33 p.m. | views: 3

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to HTTP Request Smuggling CVE-2025-58056

Summary Netty is used by the IBM Datapower Operations Dashboard in their network implementation Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients...

CVSS 7.5 | AI score 5.8 | EPSS 0.00097
Exploits: 2 | Affected Software: 1

Tenable Nessus
added 2026/01/27 12:0 a.m. | views: 3

Atlassian Jira Service Management Data Center and Server 5.12.x < 5.12.28 / 10.3.x < 10.3.11 / 11.0.x < 11.1.0 (JSDSERVER-16412)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16412 advisory. - Netty is an asynchronous event-driven network application framework for rapid development of...

CVSS 7.5 | AI score 5.9 | EPSS 0.00063
Exploits: 1 | References: 2

RedHat Linux
added 2025/12/16 11:13 p.m. | views: 1

netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

A flaw was found in Netty. With specially crafted input, BrotliDecoder and some other decompressing decoders will allocate a large number of reachable byte buffers, which can lead to denial of service...

CVSS 7.5 | AI score 6.5 | EPSS 0.00063
Exploits: 1 | References: 6

IBM Security Bulletins
added 2025/12/09 4:54 a.m. | views: 6

Security Bulletin: Netty Affected by Decompression Flaw Where BrotliDecoder Allocates Unlimited Buffers, Enabling DoS, affects watsonx.data

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially...

CVSS 7.5 | AI score 6.5 | EPSS 0.00063
Exploits: 1 | Affected Software: 1

RedHat Linux
added 2025/10/23 5:50 p.m. | views: 4

netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

A flaw was found in Netty. With specially crafted input, BrotliDecoder and some other decompressing decoders will allocate a large number of reachable byte buffers, which can lead to denial of service...

CVSS 7.5 | AI score 6.5 | EPSS 0.00063
Exploits: 1 | References: 6

RedHat Linux
added 2025/10/14 1:1 p.m. | views: 1

netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

A flaw was found in Netty. With specially crafted input, BrotliDecoder and some other decompressing decoders will allocate a large number of reachable byte buffers, which can lead to denial of service...

CVSS 7.5 | AI score 6.5 | EPSS 0.00063
Exploits: 1 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | views: 1

EUVD-2025-26649

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.3 | EPSS 0.00063
Exploits: 1 | References: 3

RedHat Linux
added 2025/10/02 11:58 a.m. | views: 2

Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 3.15.7 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more informatio...

CVSS 7.5 | AI score 6.6 | EPSS 0.00097
Exploits: 2 | References: 13

RedHat Linux
added 2025/10/02 11:58 a.m. | views: 0

netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

A flaw was found in Netty. With specially crafted input, BrotliDecoder and some other decompressing decoders will allocate a large number of reachable byte buffers, which can lead to denial of service...

CVSS 7.5 | AI score 6.5 | EPSS 0.00063
Exploits: 1 | References: 6

Tenable Nessus
added 2025/09/06 12:0 a.m. | views: 3

Linux Distros Unpatched Vulnerability : CVE-2025-58057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In...

CVSS 7.5 | AI score 6.7 | EPSS 0.00063
Exploits: 1 | References: 2

SUSE CVE
added 2025/09/04 11:22 p.m. | views: 1

SUSE CVE-2025-58057

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

CVSS 5.3 | AI score 4.7 | EPSS 0.00063
Exploits: 1 | References: 4

NVD
added 2025/09/04 10:42 a.m. | views: 1

CVE-2025-58057

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

CVSS 7.5 | EPSS 0.00063
Exploits: 1 | References: 2

OSV
added 2025/09/04 10:42 a.m. | views: 1

DEBIAN-CVE-2025-58057

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

CVSS 7.5 | AI score 6.1 | EPSS 0.00063
Exploits: 1 | References: 1

OSV
added 2025/09/04 10:42 a.m. | views: 0

UBUNTU-CVE-2025-58057

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

CVSS 7.5 | AI score 6.7 | EPSS 0.00063
Exploits: 1 | References: 6

CNNVD
added 2025/09/04 12:0 a.m. | views: 1

Netty security vulnerability

Netty is a non-blocking I/O client-server framework from the Netty community, which is primarily used for developing Java web applications such as protocol servers and clients. A security vulnerability exists in Netty versions 4.1.124.Final and earlier and 4.2.4.Final and earlier, which stems fro...

CVSS 7.5 | AI score 5.3 | EPSS 0.00063
Exploits: 1 | References: 6

Snyk
added 2025/09/03 10:42 p.m. | views: 2

Improper Handling of Highly Compressed Data (Data Amplification)

Overview: Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) via the BrotliDecoder.decompress function, which has no limit on how often it calls pull, decompressing data 64K bytes at a time. An attacker can exhaust system memory and...

CVSS 8.7 | AI score 7.2 | EPSS 0.00063
Exploits: 1 | References: 2

Snyk
added 2025/09/03 10:42 p.m. | views: 2

Improper Handling of Highly Compressed Data (Data Amplification)

Overview: io.netty:netty-codec-http is a network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) via the...

CVSS 8.7 | AI score 7.1 | EPSS 0.00063
Exploits: 1 | References: 2

Snyk
added 2025/09/03 10:42 p.m. | views: 3

Improper Handling of Highly Compressed Data (Data Amplification)

Overview: io.netty:netty-codec-http2 is a HTTP2 sub package for the netty library, an event-driven asynchronous network application framework. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) via the BrotliDecoder.decompress functio...

CVSS 8.7 | AI score 7.2 | EPSS 0.00063
Exploits: 1 | References: 2

Vulnrichment
added 2025/09/03 9:46 p.m. | views: 1

CVE-2025-58057 Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

CVSS 6.9 | AI score 6.2 | EPSS 0.00063
Exploits: 1 | References: 2