32 matches found
Debian dla-3834 : libnetty-java - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3834 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3834-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DSA 5558-1] netty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5558-1 [email protected] https://www.debian.org/security/ Markus Koschany November 18, 2023 https://www.debian.org/security/faq -...
Amazon Corretto Java 17.x < 17.0.7.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.7.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2023-Apr-18 advisory. - security-libs/javax.net.ssl CVE-2023-21930, CVE-2023-21967 - core-libs/java.net CVE-2023-21937 -...
[SECURITY] [DLA 3268-1] netty security update
Debian LTS Advisory DLA-3268-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 11, 2023 https://wiki.debian.org/LTS Package : netty Version : 1:4.1.33-1+deb10u3 CVE ID : CVE-2021-37136 CVE-2021-37137 CVE-2021-43797 CVE-2022-41881 CVE-2022-41915 Debian Bug ...
[SECURITY] [DSA 5316-1] netty security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5316-1 [email protected] https://www.debian.org/security/ Markus Koschany January 11, 2023 https://www.debian.org/security/faq -...
PT-2022-37253 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: The issue is related to a security exception in Java, specifically in the java.nio package. The crash occurs in the reserveMemory function of java.nio.Bits, which is called by...
USN-4866-1: Netty vulnerabilities
It was discovered that Netty incorrectly implements HTTP/2. An attacker could possibly use this issue to cause a denial of service. CVE-2019-9512, CVE-2019-9514, CVE-2019-9515, CVE-2019-9518...
Debian: Security Advisory (DSA-4885-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4885-1 : netty - security update
Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
AZL-25952 CVE-2020-8908 affecting package guava for versions less than 25.0-7
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir. By default, on unix-like systems, the created directory i...
Debian DLA-2365-1 : netty-3.9 security update
Several vulnerabilities have been discovered in netty-3.9, a Java NIO client/server socket framework. CVE-2019-16869 Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a 'Transfer-Encoding : chunked' line, which leads to HTTP request smuggling. CVE-2019-20444...
Debian DLA-2364-1 : netty security update
Several vulnerabilities have been discovered in netty, a Java NIO client/server socket framework. CVE-2019-20444 HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interprete...
Debian: Security Advisory (DLA-2365-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2365-1] netty-3.9 security update
Debian LTS Advisory DLA-2365-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez September 04, 2020 https://wiki.debian.org/LTS Package : netty-3.9 Version : 3.9.9.Final-1+deb9u1 CVE ID : CVE-2019-16869 CVE-2019-20444 CVE-2019-20445 Debian Bug : 941266 950966...
[SECURITY] [DLA 2364-1] netty security update
Debian LTS Advisory DLA-2364-1 [email protected] https://www.debian.org/lts/security/ Roberto C. Sánchez September 04, 2020 https://wiki.debian.org/LTS Package : netty Version : 1:4.1.7-2+deb9u2 CVE ID : CVE-2019-20444 CVE-2019-20445 CVE-2020-7238 CVE-2020-11612 Debian Bug : 950966 9509...
OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841)
A flaw was found in the boundary checks in the java.nio buffer classes in the Libraries component of OpenJDK, where it is bypassed in certain cases. This flaw allows an untrusted Java application or applet o bypass Java sandbox restrictions...
OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841)
A flaw was found in the boundary checks in the java.nio buffer classes in the Libraries component of OpenJDK, where it is bypassed in certain cases. This flaw allows an untrusted Java application or applet o bypass Java sandbox restrictions...
OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841)
A flaw was found in the boundary checks in the java.nio buffer classes in the Libraries component of OpenJDK, where it is bypassed in certain cases. This flaw allows an untrusted Java application or applet o bypass Java sandbox restrictions...
OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841)
A flaw was found in the boundary checks in the java.nio buffer classes in the Libraries component of OpenJDK, where it is bypassed in certain cases. This flaw allows an untrusted Java application or applet o bypass Java sandbox restrictions...
Debian: Security Advisory (DLA-2110-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...