Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/05/28 3:1 p.m.7 views

CVE-2026-44248

A flaw was found in Netty, an asynchronous event-driven network application framework. A remote attacker can exploit this vulnerability by sending a crafted MQTT 5 header with an oversized Properties section. This causes Netty to repeatedly parse and buffer the large Properties section in memory...

7.5CVSS6.7AI score0.00019EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2025/05/06 2:32 p.m.4 views

netty: Denial of Service attack on windows app using Netty

A flaw was found in Netty. An unsafe reading of the environment file could potentially cause a denial of service. When loaded on a Windows application, Netty attempts to load a file that does not exist. If an attacker creates a large file, the Netty application crashes...

5.5CVSS7.3AI score0.00467EPSS
Exploits1References6
RedHat Linux
RedHat Linuxadded 2025/02/24 12:8 a.m.5 views

codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service DoS...

7.5CVSS7.1AI score0.00472EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2024/11/25 12:12 a.m.1 views

netty: HTTP Request Smuggling due to Transfer-Encoding whitespace mishandling

A flaw was found in Netty, where it mishandles Transfer-Encoding whitespace. This flaw allows HTTP Request Smuggling...

7.5CVSS7.1AI score0.01498EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2023/05/10 11:25 a.m.5 views

codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service DoS...

7.5CVSS7.1AI score0.00472EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2021/09/30 9:57 a.m.2 views

netty: Request smuggling via content-length header

A flaw was found in Netty. There is an issue where the content-length header is not validated correctly if the request uses a single Http2HeaderFrame with the endstream set to true. This flaw leads to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. The...

5.9CVSS7.1AI score0.0316EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2021/08/11 6:21 p.m.1 views

netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header

A flaw was found in Netty before version 4.1.44, where it accepted multiple Content-Length headers and also accepted both Transfer-Encoding, as well as Content-Length headers where it should reject the message under such circumstances. In circumstances where Netty is used in the context of a...

9.1CVSS7.1AI score0.03562EPSS
Exploits1References4
RedHat Linux
RedHat Linuxadded 2020/05/26 4:9 p.m.1 views

netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers

A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling...

7.5CVSS7.1AI score0.14994EPSS
Exploits1References4
Rows per page
Query Builder