Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/06/17 4:18 p.m.11 views

netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

A flaw was found in Netty's DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator PRNG for DNS transaction IDs and a static User Datagram Protocol UDP source port. This combination significantly reduces the randomness of DNS queries, making...

6.8CVSS5.3AI score0.00256EPSS
Exploits0References7
OSV
OSV
added 2026/06/12 3:16 p.m.6 views

UBUNTU-CVE-2026-45673

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entrop...

6.8CVSS5.2AI score0.00256EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/12 2:16 p.m.39 views

CVE-2026-45673 Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entrop...

6.8CVSS0.00256EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/03 4:20 p.m.42 views

CVE-2023-46740 Insecure random string generator used for sensitive data

CubeFS is an open-source cloud-native file storage system. Prior to version 3.3.1, CubeFS used an insecure random string generator to generate user-specific, sensitive keys used to authenticate users in a CubeFS deployment. This could allow an attacker to predict and/or guess the generated string...

6.5CVSS9.4AI score0.00439EPSS
Exploits0References2
Rows per page
Query Builder