37 matches found
Security Bulletin: IBM B2B Advanced Communications is affected by multiple vulnerabilities in log4j
Summary IBM B2B Advanced Communications has addressed vulnerabilities in log4j shipped with productCVE-2022-0084 CVE-2020-36518 CVE-2021-37136 CVE-2022-23913 CVE-2022-24785 Vulnerability Details CVEID:CVE-2022-0084 DESCRIPTION: A flaw was found in XNIO, specifically in the notifyReadClosed method...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.1.11 on RHEL 7 (RHSA-2025:9582)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:9582 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
CVE-2021-37136 vulnerabilities
Vulnerabilities for packages: druid...
Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities
Summary IBM Security QRadar EDR Software includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2021-37137 DESCRIPTION: Netty netty-codec is vulnerable to a deni...
Security Bulletin: Vunerablities in Netty affect watsonx.data
Summary Netty is vulnerable to denial of service attacks. For CVE-2021-37136, the Netty Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. A malicious input can trigger an Out Of...
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.5.0 release and security update
Red Hat AMQ Streams 2.5.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Important: Red Hat Security Advisory: Red Hat AMQ Streams 2.4.0 release and security update
Red Hat AMQ Streams 2.4.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
Ubuntu: Security Advisory (USN-6049-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6049-1: Netty vulnerabilities
It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. CVE-2020-11612 It wa...
Security Bulletin: Netty Vulnerabilites 4.0.37
Summary Netty could provide various potential exploitable entry points including weaker than expected security, netty-codec is vulnerable to a denial of service, and HTTP request smuggling Vulnerability Details CVEID:CVE-2019-16869 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, cause...
SUSE CVE-2021-37136
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during decompression. All users of Bzip2Decoder are affected. The malicious input can trigger an OOME and so a DoS attack...
Debian dla-3268 : libnetty-java - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3268 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3268-1 [email protected]...
Important: Red Hat Security Advisory: Satellite 6.12 Release
An update is now available for Red Hat Satellite 6.12. The release contains a new version of Satellite and important security fixes for various components. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring ...
RLSA-2022:8506 Important: Satellite 6.12 Release
Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: netty-codec: Bzip2Decoder doesn't allow setting...
Security Bulletin: Enterprise Content Management System Monitor is affected by a vulnerability CVE-2021-37136 in Netty netty-codec
Summary Vulnerability found in Netty netty-codec component used by Enterprise Content Management System Monitor. Enterprise Content Management System Monitor has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2021-37136 DESCRIPTION: Netty netty-codec is vulnerable to a denial of...
Moderate: Red Hat Security Advisory: Red Hat Process Automation Manager 7.13.0 security update
An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...
Security Bulletin: IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to several attack vectors due to its use of Apache Netty (CVE-2021-37136, CVE-2021-37137, CVE-2021-43797)
Summary Several security vulnerablities were found in the Apache Netty library used by several components in IBM Cloud Pak for Multicloud Management Monitoring. Vulnerability Details CVEID: CVE-2021-37136 DESCRIPTION: Netty netty-codec is vulnerable to a denial of service, caused by not allow siz...
Moderate: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7
A security update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 8 (Moderate) (RHSA-2022:4919)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4919 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.5 security update on RHEL 7 (Moderate) (RHSA-2022:4918)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4918 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...