Lucene search
K

198 matches found

Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.5 views

PT-2025-42370

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.128.Final and 4.2.7.Final Description Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return r and Line Feed characters in user-supplied parameters. The...

7.5CVSS6.7AI score0.02112EPSS
Exploits1References371
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-0647

Malware in sbrugna...

5.9CVSS6.3AI score0.18891EPSS
Exploits0References135
Veracode
Veracode
added 2025/10/06 4:44 p.m.6 views

HTTP Request Smuggling

io.netty, netty-codec-http is vulnerable to HTTP Request Smuggling. The vulnerability is due to incorrectly accepting standalone newline characters LF as a chunk-size line terminator instead of requiring CRLF per HTTP/1.1 standards, which allows an attacker to craft malicious requests that are...

7.5CVSS7AI score0.00631EPSS
Exploits1References10Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-3334

Malicious code in bioql PyPI...

5.5CVSS7.1AI score0.00408EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.35 views

EUVD-2024-2493

Malicious code in bioql PyPI...

9.6CVSS8.1AI score0.01036EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-7648

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00885EPSS
Exploits1References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-26649

Malicious code in bioql PyPI...

7.5CVSS6.3AI score0.00561EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-28583

Malicious code in bioql PyPI...

8.2CVSS5.7AI score0.00979EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-0832

Malicious code in bioql PyPI...

5.3CVSS6.4AI score0.0138EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-4081

Malicious code in bioql PyPI...

5.5CVSS6.8AI score0.00384EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1713

Malicious code in bioql PyPI...

6.5CVSS7.4AI score0.02459EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-1918

Malicious code in bioql PyPI...

5.5CVSS6.3AI score0.01044EPSS
Exploits1References17
Veracode
Veracode
added 2025/09/30 1:54 p.m.5 views

Denial Of Service (DoS)

Netty is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of malformed HTTP/2 control frames due to a flaw in enforcing the max concurrent streams limit, leading to resource exhaustion and denial of service...

8.2CVSS6.7AI score0.00979EPSS
Exploits1References7Affected Software2
OSV
OSV
added 2025/09/12 2:26 p.m.11 views

OESA-2025-2286 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers clients. %package help Summary: Documents for Buildarch: noarch Requires: man info Provides: -javadoc = - Obsoletes: -javadoc - %description help Man pages a...

5.5CVSS7.1AI score0.01044EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/06 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2025-58057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In...

7.5CVSS6.7AI score0.00561EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/05 9:31 p.m.3 views

CVE-2025-58056

A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...

7.5CVSS6.3AI score0.00631EPSS
Exploits1References10
OSV
OSV
added 2025/09/05 12:42 p.m.5 views

OESA-2025-2150 netty security update

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers clients. %package help Summary: Documents for Buildarch: noarch Requires: man info Provides: -javadoc = - Obsoletes: -javadoc - %description help Man pages a...

5.5CVSS9AI score0.01044EPSS
Exploits1References2
OSV
OSV
added 2025/09/04 10:42 a.m.5 views

UBUNTU-CVE-2025-58057

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially crafted...

7.5CVSS6.7AI score0.00561EPSS
Exploits1References6
NVD
NVD
added 2025/09/03 9:15 p.m.4 views

CVE-2025-58056

Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts standalone newline characters LF as a chunk-size line...

7.5CVSS0.00631EPSS
Exploits1References7
OSV
OSV
added 2025/09/03 9:15 p.m.4 views

UBUNTU-CVE-2025-58056

Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts standalone newline characters LF as a chunk-size line...

7.5CVSS6.7AI score0.00631EPSS
Exploits1References10
Rows per page
Query Builder