Lucene search
K

45 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-0710

Malware in sbrugna...

7.5CVSS6.9AI score0.08415EPSS
Exploits1References159
RedHat Linux
RedHat Linux
added 2025/10/02 5:34 p.m.8 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0.9 security update

A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

9.8CVSS7AI score0.00979EPSS
Exploits2References16
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/30 9:12 p.m.10 views

Security Bulletin: Vulnerabilities in Spring Cloud Gateway Server, Bouncy Castle, Reactor Netty HTTP Server, NPM and Apache Commons might affect IBM Storage Defender Copy Data Management

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Spring Cloud Gateway Server, Bouncy Castle, Reactor Netty HTTP Server, NPM and Apache Commons. Vulnerabilities include forwarded headers from untrusted proxies, opening up a possibility of DNS poisoning,...

8.8CVSS7.7AI score0.01548EPSS
Exploits3Affected Software1
vulnersOsv
vulnersOsv
added 2025/09/03 10:42 p.m.14 views

ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0), ai.ancf.lmos-router:lmos-router-hybrid (>=0.2.0 <=0.28.0) +18174 more potentially affected by CVE-2025-58057 via io.netty:netty-codec-http2 (>=4.1.0.Beta4 <=4.1.124.Final)

io.netty:netty-codec-http2 MAVEN version =4.1.0.Beta4, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1.0 -...

7.5CVSS6.6AI score0.00561EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/07/16 12:30 p.m.6 views

io.github.mullerhai:storch-mcp_3 (=0.1.0), io.projectreactor.netty:reactor-netty (>=1.3.0-M1 <=1.3.0-M4) +1 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.3.0-M1 <=1.3.0-M4)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.3.0-M1, =1.3.0-M1, =1.3.0-M1, =1.3.0-M4 Source cves: CVE-2025-22227 Source advisory: OSV:GHSA-4Q2V-9P7V-3V22...

6.1CVSS6.4AI score0.0034EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/07/16 12:30 p.m.6 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0) +5879 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.0.0 <=1.2.7)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.0.0, =1.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1...

6.1CVSS6.3AI score0.0034EPSS
Exploits0
Snyk
Snyk
added 2025/07/15 12:0 a.m.4 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via handling of chained redirects. An attacker can cause the Reactor Netty HTTP client to leak credentials such as session cookies by intercepting initial HTTP/1...

6.1CVSS6.9AI score0.0034EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/07/15 12:0 a.m.7 views

io.github.mullerhai:storch-mcp_3 (=0.1.0), io.projectreactor.netty:reactor-netty (>=1.3.0-M1 <=1.3.0-M4) +1 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.3.0-M1 <=1.3.0-M4)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.3.0-M1, =1.3.0-M1, =1.3.0-M1, =1.3.0-M4 Source cves: CVE-2025-22227 Source advisory: SNYK:JAVA-IOPROJECTREACTORNETTY-10770514...

6.1CVSS6.4AI score0.0034EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/07/15 12:0 a.m.8 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0) +5879 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.0.0 <=1.2.7)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.0.0, =1.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1...

6.1CVSS6.3AI score0.0034EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/08/15 8:11 p.m.6 views

netty-codec-http: Allocation of Resources Without Limits or Throttling

A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until ...

5.3CVSS7.2AI score0.0138EPSS
Exploits1References8
OSV
OSV
added 2023/11/28 8:16 a.m.6 views

CVE-2023-34054 Reactor Netty HTTP Server Metrics DoS Vulnerability

In Reactor Netty HTTP Server, versions 1.1.x prior to 1.1.13 and versions 1.0.x prior to 1.0.39, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Specifically, an application is vulnerable if Reactor Netty HTTP Server built-in...

5.3CVSS6.7AI score0.00906EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2023/11/15 12:30 p.m.7 views

ai.optfor:spring-openai-api (>=0.2.2 <=0.3.25), be.vlaanderen.informatievlaanderen.ldes.ldio:ldio-azure-blob-out (=2.12.0) +750 more potentially affected by CVE-2023-34062 via io.projectreactor.netty:reactor-netty-http (>=1.1.0 <=1.1.12)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.1.0, =0.2.2, =0.14.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0-RC2 and more Source cves: CVE-2023-34062 Source advisory: OSV:GHSA-XJHV-P3FV-X24R...

7.5CVSS7.2AI score0.01124EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/11/15 12:30 p.m.4 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), ai.onehouse:lakeview (>=0.26.0 <=0.30.0) +2624 more potentially affected by CVE-2023-34062 via io.projectreactor.netty:reactor-netty-http (>=1.0.0 <=1.0.38)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.0.0, =1.0.0, =0.26.0, =0.26.0, =j11.2.6.0, =v0.3.12, =v0.3.12, =v0.3.12, =1.6, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.485 and more Source cves: CVE-2023-34062 Source advisory: OSV:GHSA-XJHV-P3FV-X24R...

7.5CVSS7AI score0.01124EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/02/14 7:18 p.m.44 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Netty HTTP response splitting (CVE-2022-41915)

Summary Potential security bypass vulnerability in Netty-CVE-2022-41915 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2022-41915 DESCRIPTION: Netty is vulnerable to HTTP response...

6.5CVSS7AI score0.00885EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/01/12 12:0 a.m.41 views

FreeBSD : cassandra3 -- multiple vulnerabilities (53caf29b-9180-11ed-acbe-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 53caf29b-9180-11ed-acbe-b42e991fc52e advisory. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI...

7.5CVSS6.7AI score0.37618EPSS
Exploits6References13
RedHat Linux
RedHat Linux
added 2022/12/08 1:25 p.m.97 views

Moderate: Red Hat Security Advisory: Red Hat Camel for Spring Boot 3.18.3 release and security update

A minor version update from 3.14.5 to 3.18.3 is now available for Camel for Spring Boot. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...

9.8CVSS7AI score0.99931EPSS
Exploits41References5
RedhatCVE
RedhatCVE
added 2022/11/09 2:56 p.m.79 views

CVE-2022-31684

A flaw was found in the Reactor Netty HTTP Server, which may log request headers in some cases of invalid HTTP requests. This could allow an attacker to access privileged information when WARN level logging is enabled...

4.3CVSS2.5AI score0.00604EPSS
Exploits0References3
Spring Security Advisories
Spring Security Advisories
added 2022/10/24 7:0 a.m.85 views

This Week in Spring - October 25th, 2022

Hi, Spring fans! Welcome to another installment of This Week in Spring! When last we spoke, I was in Las Vegas, NV, for the JavaOne show. It was amazing! Im in sunny Singapore, then off to Malaysia and Thailand. Its the first time Ive been to any of these places since 2019! How good it is to be...

4.8AI score0.00604EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/10/20 12:0 p.m.9 views

africa.absa:inception-application (>=1.1.0 <=1.2.0), ai.ylyue:yue-library-webflux (>=j11.2.6.0 <=j11.2.6.1) +1561 more potentially affected by CVE-2022-31684 via io.projectreactor.netty:reactor-netty-http (>=1.0.11 <=1.0.23)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.0.11, =1.1.0, =j11.2.6.0, =v0.3.12, =v0.3.12, =v0.3.12, =1.7, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.485 and more Source cves: CVE-2022-31684 Source advisory: OSV:GHSA-7W4X-4H67-PGM...

4.3CVSS6AI score0.00604EPSS
Exploits0
NVD
NVD
added 2022/10/19 10:15 p.m.42 views

CVE-2022-31684

Reactor Netty HTTP Server, in versions 1.0.11 - 1.0.23, may log request headers in some cases of invalid HTTP requests. The logged headers may reveal valid access tokens to those with access to server logs. This may affect only invalid HTTP requests where logging at WARN level is enabled...

4.3CVSS0.00604EPSS
Exploits0References1
Rows per page
Query Builder