Lucene search
+L

22 matches found

redhatcve
redhatcve
added 2025/05/23 1:14 a.m.9 views

CVE-2022-41915

Netty project is an event-driven asynchronous network application framework. Starting in version 4.1.83.Final and prior to 4.1.86.Final, when calling DefaultHttpHeadesr.set with an iterator of values, header value validation was not performed, allowing malicious header values in the iterator to...

6.5CVSS6.6AI score0.00885EPSS
Exploits1References1
nessus
nessus
added 2024/12/11 12:0 a.m.22 views

Oracle Siebel Server <= 23.5 (July 2023 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2023 CPU advisory. - Vulnerability in the Siebel CRM product of Oracle Siebel CRM component: EAI JSON-java. Supported versions that are affected are 23.5 and prior...

9.8CVSS6.5AI score0.52458EPSS
Exploits12References14
ibm
ibm
added 2024/11/21 11:47 a.m.23 views

Security Bulletin: IBM SPSS Analytic Server is affected by vulnerability in Netty (CVE-2022-41915)

Summary Netty is used by IBM SPSS Analytic Server. The latest patch includes Netty 4.1.109.Final to fix the vulnerability. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response splitting attacks, caused by a flaw when calling DefaultHttpHeaders.set with an...

6.5CVSS6.4AI score0.00885EPSS
Exploits1Affected Software1
nessus
nessus
added 2024/07/19 12:0 a.m.138 views

Oracle Database Server (Jul 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be...

7.5CVSS6.7AI score0.54026EPSS
Exploits2References13
ibm
ibm
added 2023/07/24 7:55 p.m.41 views

Security Bulletin: Netty is vulnerable to CVE-2022-41915 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Netty which is vulnerable to CVE-2022-41915. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response splitting attacks, caused by a flaw when calling DefaultHttpHeaders.set with an iterator of value...

6.5CVSS6.8AI score0.00885EPSS
Exploits1Affected Software1
nessus
nessus
added 2023/06/22 12:0 a.m.32 views

SUSE SLED15: netty / netty-javadoc / netty-poms / netty-tcnative / etc (SUSE-SU-2023:2096-2)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2096-2 advisory. netty: - Security fixes included in this version update from 4.1.75 to 4.1.90: CVE-2022-24823:...

7.5CVSS7AI score0.01466EPSS
Exploits3References10
nessus
nessus
added 2023/05/11 12:0 a.m.38 views

SUSE SLED15: netty / netty-javadoc / netty-poms / netty-tcnative / etc (SUSE-SU-2023:2096-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2096-1 advisory. netty: - Security fixes included in this version update from 4.1.75 to 4.1.90: CVE-2022-24823:...

7.5CVSS7AI score0.01466EPSS
Exploits3References10
openvas
openvas
added 2023/05/09 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2023:2096-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01466EPSS
Exploits3References20
ibm
ibm
added 2023/05/05 2:17 p.m.43 views

Security Bulletin: Vulnerability in Netty affects IBM Process Mining . CVE-2022-41881

Summary There is a vulnerability in Netty that could allow a remote authenticated attacker to execute denial of service on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

7.5CVSS7.3AI score0.01466EPSS
Exploits2Affected Software1
osv
osv
added 2023/05/04 7:9 a.m.6 views

SUSE-SU-2023:2096-1 Security update for netty, netty-tcnative

This update for netty, netty-tcnative fixes the following issues: netty: - Security fixes included in this version update from 4.1.75 to 4.1.90: CVE-2022-24823: Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files for Java 6 and lower in...

7.5CVSS6.6AI score0.01466EPSS
Exploits3References7
ibm
ibm
added 2023/05/02 8:35 p.m.35 views

Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in Netty

Summary IBM Watson Discovery Cartridge for IBM Cloud Pak for Data contains a vulnerable version of Netty. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response splitting attacks, caused by a flaw when calling DefaultHttpHeaders.set with an iterator of values...

6.5CVSS6.8AI score0.00885EPSS
Exploits1Affected Software1
openvas
openvas
added 2023/05/01 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-6049-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.18891EPSS
Exploits3References2
ubuntu
ubuntu
added 2023/04/28 4:2 p.m.72 views

USN-6049-1: Netty vulnerabilities

It was discovered that Netty's Zlib decoders did not limit memory allocations. A remote attacker could possibly use this issue to cause Netty to exhaust memory via malicious input, leading to a denial of service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. CVE-2020-11612 It wa...

7.5CVSS6.5AI score0.18891EPSS
Exploits3
ibm
ibm
added 2023/03/30 7:17 p.m.31 views

Security Bulletin: IBM UrbanCode Deploy (UCD) is vulnerable to HTTP response splitting due to Netty (CVE-2022-41915)

Summary Netty is used by IBM UrbanCode Deploy UCD for network communication. An attacker may be able to inject HTTP/1.1 response header and cause the server to return a split resonse. CVE-2022-41915 Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response...

6.5CVSS6.8AI score0.00885EPSS
Exploits1Affected Software1
ibm
ibm
added 2023/03/29 3:5 a.m.33 views

Security Bulletin: IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library is affected by vulnerability in Netty (CVE-2022-41915)

Summary Netty CVE-2022-41915 is used by IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library for the Probe for Message Bus integrations. The latest patch includes Netty 4.1.86.Final to fix the vulnerability. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is...

6.5CVSS6.8AI score0.00885EPSS
Exploits1Affected Software3
ibm
ibm
added 2023/03/02 3:29 p.m.62 views

Security Bulletin: Operations Dashboard is vulnerable to denial of service and response splitting due to vulnerabilities in Netty (CVE-2022-41881 and CVE-2022-41915)

Summary Operations Dashboard is vulnerable to denial of service and response splitting due to vulnerabilities in Netty with details below. Vulnerability Details CVEID:CVE-2022-41881 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. B...

7.5CVSS7.1AI score0.01466EPSS
Exploits2Affected Software1
ibm
ibm
added 2023/02/14 7:18 p.m.44 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Netty HTTP response splitting (CVE-2022-41915)

Summary Potential security bypass vulnerability in Netty-CVE-2022-41915 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response...

6.5CVSS7AI score0.00885EPSS
Exploits1Affected Software1
nessus
nessus
added 2023/01/16 12:0 a.m.43 views

Debian dla-3268 : libnetty-java - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3268 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3268-1 [email protected]...

7.5CVSS6.8AI score0.0628EPSS
Exploits2References12
wolfi
wolfi
added 2022/12/13 7:15 a.m.54 views

CVE-2022-41915 vulnerabilities

Vulnerabilities for packages: apache-nifi...

6.5CVSS6.6AI score0.00885EPSS
Exploits1
cgr
cgr
added 2022/12/13 7:15 a.m.22 views

CVE-2022-41915 vulnerabilities

Vulnerabilities for packages: apache-nifi...

6.5CVSS6.4AI score0.00885EPSS
Exploits1
Rows per page
Query Builder