Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2025-2228)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-3996

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-49812

In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...

ALPINE-CVE-2025-49812

In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...

SUSE CVE-2025-49812

In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...

DoS (Denial of Service) io.netty:netty-handler Dependency in Confluence Data Center and Server

This High severity io.netty:netty-handler Dependency vulnerability was introduced in versions 7.19 of Confluence Data Center and Server. This io.netty:netty-handler Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

A flaw was found in Netty's SslHandler. This vulnerability allows a native crash via a specially crafted packet that bypasses proper validation...

CVE-2025-24970

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...

CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...

CVE-2025-24970

CVE-2025-24970 (Netty) affects Netty 4.1.91.Final through 4.1.118.Final. A crafted packet via SslHandler can fail validation, causing a native crash. A patch exists in 4.1.118.Final. Workarounds include disabling the native SSLEngine or applying code-level changes as noted by advisories. IBM bull...

CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...

CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead...

GHSA-4G8C-WM8X-JFHW SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Impact When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Workarounds As workaround its possible to either disable the usage of the native SSLEngine or changing the code from: SslContext...

SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

Impact When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Workarounds As workaround its possible to either disable the usage of the native SSLEngine or changing the code from: SslContext...

PT-2025-6111 · Netty +4 · Netty +6

Name of the Vulnerable Software and Affected Versions: Netty versions 4.1.91.Final through 4.1.117.Final Description: The vulnerability in Netty is related to insufficient validation of user-input data in the SslHandler when using the native SSLEngine. This can lead to a native crash if a special...

Fedora 31 : 1:java-11-openjdk (2020-93cc9c3ef2)

July 2020 OpenJDK security update for OpenJDK 11 Full release notes: https://bitly.com/openjdk1108 Security fixes - JDK-8230613: Better ASCII conversions - JDK-8231800: Better listing of arrays - JDK-8232014: Expand DTD support - JDK-8233234: Better Zip Naming - JDK-8233239, CVE-2020-14562: Enhan...

Man-in-the-Middle (MitM)

netty-handler is vulnerable to man-in-the-middle attacks. The library uses an SSLEngine that does not verify certificate hostnames when establishing connections with a server by default. This allows an attacker to potentially intercept and modify network traffic in a successful man-in-the-middle...

openSUSE Security Update : java-11-openjdk (openSUSE-2019-818)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.1+13 Oracle October 2018 CPU Security fixes : - S8202936, CVE-2018-3183, bsc1112148: Improve script engine support - S8199226, CVE-2018-3169, bsc1112146: Improve field accesses - S8199177, CVE-2018-3149,...

CVE-2014-0627

The SSLEngine API implementation in EMC RSA BSAFE SSL-J 5.x before 5.1.3 and 6.x before 6.0.2 allows remote attackers to trigger the selection of a weak cipher suite by using the wrap method during a certain incomplete-handshake state...