CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

CVE-2026-42583

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength up to 32 MB per block before LZ4 runs. A peer only needs a 21-byte header plus compressedLength payload bytes - 22 bytes if...

7.5CVSS6.8AI score0.00017EPSS

Exploits1References1

SUSE CVE•added 2026/05/15 1:58 a.m.•7 views

SUSE CVE-2026-42583

7.5CVSS5.8AI score0.00017EPSS

Exploits1References3

NVD•added 2026/05/13 7:17 p.m.•5 views

CVE-2026-42583

7.5CVSS0.00017EPSS

Exploits1References1

Vulnrichment•added 2026/05/13 6:9 p.m.•3 views

CVE-2026-42583 Netty: Lz4FrameDecoder resource exhaustion

7.5CVSS5.8AI score0.00017EPSS

Exploits1References1

Cvelist•added 2026/05/13 6:9 p.m.•24 views

CVE-2026-42583 Netty: Lz4FrameDecoder resource exhaustion

7.5CVSS0.00017EPSS

Exploits1References1

Snyk•added 2026/05/07 12:20 a.m.•4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the Lz4FrameDecoder component. An attacker can cause excessive memory allocation by sending specially crafted compressed data with manipulated header fields, leading to resource...

8.7CVSS5.8AI score0.00017EPSS

Exploits1References2

Snyk•added 2026/05/07 12:20 a.m.•6 views

Allocation of Resources Without Limits or Throttling

Overview io.netty:netty-codec is an event-driven asynchronous network application framework. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the Lz4FrameDecoder component. An attacker can cause excessive memory allocation by sending...

8.7CVSS5.8AI score0.00017EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by