Lucene search
K

2785 matches found

OSV
OSV
added 4 days ago9 views

ROOT-APP-MAVEN-CVE-2026-45674 CVE-2026-45674 in io.root.io.netty:netty-resolver-dns - Patched by Root

Root has patched CVE-2026-45674 in the io.root.io.netty:netty-resolver-dns package for Root:Maven. Multiple fixed versions available...

10CVSS5.3AI score0.00224EPSS
Exploits0
OSV
OSV
added 4 days ago19 views

ROOT-APP-MAVEN-CVE-2026-42585 CVE-2026-42585 in io.root.io.netty:netty-codec-http - Patched by Root

Root has patched CVE-2026-42585 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...

6.5CVSS5.8AI score0.00248EPSS
Exploits1
OSV
OSV
added 4 days ago5 views

ROOT-APP-MAVEN-CVE-2026-48043 CVE-2026-48043 in io.root.io.netty:netty-codec-http2 - Patched by Root

Root has patched CVE-2026-48043 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.9AI score0.00594EPSS
Exploits0
OSV
OSV
added 4 days ago11 views

ROOT-APP-MAVEN-CVE-2025-59419 CVE-2025-59419 in io.root.io.netty:netty-codec-smtp - Patched by Root

Root has patched CVE-2025-59419 in the io.root.io.netty:netty-codec-smtp package for Root:Maven. Multiple fixed versions available...

5.3CVSS7.1AI score0.01617EPSS
Exploits0
OSV
OSV
added 4 days ago11 views

ROOT-APP-MAVEN-CVE-2026-42577 CVE-2026-42577 in io.root.io.netty:netty-transport-native-epoll - Patched by Root

Root has patched CVE-2026-42577 in the io.root.io.netty:netty-transport-native-epoll package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00408EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 4 days ago3 views

Security Bulletin: Multiple vulnerabilities affect Data Virtualization on IBM Software Hub (June 2026 - Part 1 of 2)

Summary Multiple vulnerabilities have been addressed in Data Virtualization on IBM Software Hub. Note that Data Virtualization was named Watson Query on IBM Cloud Pak for Data version 4.8. Vulnerability Details CVEID:CVE-2026-50010 DESCRIPTION: Netty is a network application framework for...

9.1CVSS6.9AI score0.00533EPSS
Exploits0Affected Software1
NVD
NVD
added 5 days ago8 views

CVE-2026-49365

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

5.3CVSS0.00363EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-49365

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

5.8AI score0.00363EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 5 days ago9 views

EUVD-2026-41846

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

5.8AI score0.00363EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-49365

The vulnerability CVE-2026-49365 affects Apache Camel’s camel-netty-http server consumer. The root cause is that the default of muteException is false, so on route processing errors Camel writes the full Java stack trace into the HTTP response body instead of an empty body. This can disclose sens...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-49365 Apache Camel: Camel-Netty-HTTP: The muteException consumer option defaulted to false, so a processing error returned the full Java stack trace in the HTTP response body, disclosing sensitive internal information to unauthenticated clients

Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component. The camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to fal...

0.00363EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 5 days ago11 views

PT-2026-55907

Name of the Vulnerable Software and Affected Versions Apache Camel versions 4.0.0 through 4.14.7 Apache Camel versions 4.15.0 through 4.18.2 Apache Camel versions 4.19.0 through 4.20.9 Description The camel-netty-http server consumer in Apache Camel contains an issue where the muteException optio...

5.3CVSS6.1AI score0.00363EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.4 views

netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers

A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested PP2TYPESSL type-length-value TLV records. This can lead to a memory leak, causing the underlying cumulation...

8.7CVSS6.1AI score0.00606EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.6 views

netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the DelegatingDecompressorFrameListener class. This resource leak could lead to an Out Of Memory Error OOME, potentially causing a Denial of Service DoS by taking down th...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.5 views

io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

A flaw was found in Netty's DnsResolveContext. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing...

10CVSS5.9AI score0.00292EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.6 views

netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS Transport Layer Security ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service DoS due to excessive memor...

7.5CVSS6AI score0.00461EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.4 views

netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message

A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2TYPESSL TLV Type-Length-Value header. This can lead to an IndexOutOfBoundsException...

7.5CVSS5.9AI score0.00594EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.4 views

netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...

8.1CVSS5.9AI score0.00552EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.4 views

netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

A flaw was found in Netty. A remote user can trigger a Denial of Service DoS against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume...

8.7CVSS6.8AI score0.01125EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/07/02 12:3 a.m.5 views

io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass...

7.5CVSS6.6AI score0.0064EPSS
Exploits1References8
Rows per page
Query Builder