20 matches found

IBM Security Bulletins
added 2024/09/04 10:20 p.m. | 20 views

Security Bulletin: Vulnerability in Netty affects watsonx.data

Summary: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. This can affect watsonx.data. Vulnerability Details: CVEID: CVE-2022-41881 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder. B...

7.5 CVSS | 8.2 AI score | 0.00448 EPSS
Exploits: 1 | Affected Software: 1

OSV
added 2023/12/29 11:6 a.m. | 2 views

OESA-2023-1999 netty security update

Security Fixes: Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no...

7.5 CVSS | 8.9 AI score | 0.00448 EPSS
Exploits: 1 | References: 2

Tenable Nessus
added 2023/05/13 12:0 a.m. | 32 views

RHEL 8 : Red Hat Single Sign-On 7.6.3 security update on RHEL 8 (Moderate) (RHSA-2023:2706)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2706 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.5 CVSS | 7 AI score | 0.01387 EPSS
Exploits: 2 | References: 17

Tenable Nessus
added 2023/05/13 12:0 a.m. | 42 views

RHEL 7 : Red Hat Single Sign-On 7.6.3 security update on RHEL 7 (Moderate) (RHSA-2023:2705)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2705 advisory. Red Hat Single Sign-On 7.6 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single...

7.5 CVSS | 7 AI score | 0.01387 EPSS
Exploits: 2 | References: 17

Tenable Nessus
added 2023/05/11 12:0 a.m. | 36 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : netty, netty-tcnative (SUSE-SU-2023:2096-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2096-1 advisory. - Netty is an open-source, asynchronous event-driven network application framework. The package...

7.5 CVSS | 6.5 AI score | 0.00497 EPSS
Exploits: 4 | References: 10

RedHat Linux
added 2023/05/10 11:25 a.m. | 2 views

codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service (DoS)...

7.5 CVSS | 7.1 AI score | 0.00448 EPSS
Exploits: 1 | References: 4

OpenVAS
added 2023/05/09 12:0 a.m. | 26 views

SUSE: Security Advisory (SUSE-SU-2023:2096-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7 AI score | 0.00497 EPSS
Exploits: 3 | References: 20

IBM Security Bulletins
added 2023/05/02 12:17 p.m. | 36 views

Security Bulletin: IBM Spectrum Scale Transparent Cloud Tiering is affected by a vulnerability which can cause denial of service (CVE-2022-41881)

Summary: A vulnerability in IBM Spectrum Scale Transparent Cloud Tiering could allow a remote attacker to cause a denial of service condition. Vulnerability Details: CVEID: CVE-2022-41881 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a StackOverflowError in HAProxyMessageDecoder...

7.5 CVSS | 6.2 AI score | 0.00448 EPSS
Exploits: 1 | Affected Software: 1

RedHat Linux
added 2023/02/21 3:41 p.m. | 34 views

Moderate: Red Hat Security Advisory: Red Hat Integration Camel Extension For Quarkus 2.13.2-1 security update

Red Hat Integration Camel Extensions for Quarkus 2.13.2-1 release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability...

7.5 CVSS | 6.6 AI score | 0.00448 EPSS
Exploits: 2 | References: 5

RedHat Linux
added 2023/02/16 12:57 p.m. | 64 views

Moderate: Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.3.7 security update

An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more...

7.5 CVSS | 6.8 AI score | 0.00448 EPSS
Exploits: 2 | References: 5

Tenable Nessus
added 2023/01/12 12:0 a.m. | 39 views

Debian DSA-5316-1 : netty - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5316 advisory. Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework, which ma...

7.5 CVSS | 6.8 AI score | 0.02383 EPSS
Exploits: 2 | References: 14

OSV
added 2022/12/12 9:24 p.m. | 34 views

GHSA-FX2C-96VJ-985V HAProxyMessageDecoder Stack Exhaustion DoS

Impact: A StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. Patches: Users should upgrade to 4.1.86.Final. Workarounds: There is no workaround, except using a custom HaProxyMessageDecoder. References: When parsing a TLV with type = PP2_TYPE_SSL, the...

5.3 CVSS | 6.3 AI score | 0.00448 EPSS
Exploits: 1 | References: 6

Github Security Blog
added 2022/12/12 9:24 p.m. | 66 views

HAProxyMessageDecoder Stack Exhaustion DoS

Impact: A StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. Patches: Users should upgrade to 4.1.86.Final. Workarounds: There is no workaround, except using a custom HaProxyMessageDecoder. References: When parsing a TLV with type = PP2_TYPE_SSL, the...

7.5 CVSS | 7.4 AI score | 0.00448 EPSS
Exploits: 1 | References: 6 | Affected Software: 1

NVD
added 2022/12/12 6:15 p.m. | 24 views

CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

7.5 CVSS | 0.00448 EPSS
Exploits: 1 | References: 4

OSV
added 2022/12/12 6:15 p.m. | 2 views

DEBIAN-CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

7.5 CVSS | 6.5 AI score | 0.00448 EPSS
Exploits: 1 | References: 1

UbuntuCve
added 2022/12/12 6:15 p.m. | 41 views

CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

7.5 CVSS | 6.8 AI score | 0.00448 EPSS
Exploits: 1 | References: 3

OSV
added 2022/12/12 6:15 p.m. | 3 views

UBUNTU-CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

7.5 CVSS | 6.8 AI score | 0.00448 EPSS
Exploits: 1 | References: 4

Prion
added 2022/12/12 6:15 p.m. | 27 views

Design/Logic Flaw

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

5 CVSS | 7.3 AI score | 0.00448 EPSS
Exploits: 1 | References: 4 | Affected Software: 2

OSV
added 2022/12/12 12:0 a.m. | 37 views

CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

5.3 CVSS | 7.3 AI score | 0.00448 EPSS
Exploits: 1 | References: 6

Debian CVE
added 2022/12/12 12:0 a.m. | 47 views

CVE-2022-41881

Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except...

7.5 CVSS | 6.7 AI score | 0.00448 EPSS
Exploits: 1