9 matches found
Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition
Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.12.0 Vulnerability Details CVEID:CVE-2026-42578 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandl...
ROOT-APP-MAVEN-CVE-2026-42579 CVE-2026-42579 in io.root.io.netty:netty-codec-dns - Patched by Root
Root has patched CVE-2026-42579 in the io.root.io.netty:netty-codec-dns package for Root:Maven. Multiple fixed versions available...
CVE-2026-42579
A flaw was found in Netty. Netty's DNS Domain Name System codec does not properly enforce domain name constraints as defined in RFC 1035 during both encoding and decoding processes. This vulnerability allows a remote attacker to exploit the decoder using malicious DNS responses or exploit the...
Linux Distros Unpatched Vulnerability : CVE-2026-42579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domai...
CVE-2026-42579 Netty: DNS Codec Input Validation Bypass in Netty (Encoder + Decoder)
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domain name constraints during either encoding or decoding. This creates a bidirectional attack surface: malicious DNS responses can exploit t...
CVE-2026-42579 vulnerabilities
Vulnerabilities for packages: thingsboard, keycloak, infinispan, management-api-for-apache-cassandra-5.0, wildfly, spark, akhq, strimzi-kafka-operator, apicurio-registry, flyway, zipkin, druid, opensearch, tez, apache-pulsar, apache-nifi, trino...
ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-metrics (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +14444 more potentially affected by CVE-2026-42579 via io.netty:netty-codec-dns (>=4.1.0.Beta4 <=4.1.132.Final)
io.netty:netty-codec-dns MAVEN version =4.1.0.Beta4, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves: CVE-2026-42579 Source...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2051 more potentially affected by CVE-2026-42579 via io.netty:netty-codec-dns (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-dns MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42579 Source advisory: SNYK:JAVA-IONETTY-16438938...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2051 more potentially affected by CVE-2026-42579 via io.netty:netty-codec-dns (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-dns MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42579 Source advisory: OSV:GHSA-CM33-6792-R9FM...