Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/08 7:2 p.m.7 views

Missing Release of Resource after Effective Lifetime

Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime through improper handling of TLV length in the readNextTLV function. An attacker can cause resource exhaustion and denial of service by sending a specially crafted HAProxy protocol...

8.7CVSS5.4AI score0.00594EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/15 4:46 p.m.12 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via insufficient input validation in the DefaultSmtpRequest process. An attacker can inject arbitrary SMTP commands by supplying malicious parameters containing CRLF sequences, allowing the sending of forged emails that...

6.9CVSS7.1AI score0.01617EPSS
Exploits0References2
OSV
OSV
added 2022/05/06 12:15 p.m.3 views

UBUNTU-CVE-2022-24823

Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains an insufficient fix for CVE-2021-21290. When Netty's multipart decoders are used local information disclosure can occur via the local syst...

5.5CVSS6.8AI score0.01044EPSS
Exploits1References6
OSV
OSV
added 2021/12/09 7:15 p.m.3 views

UBUNTU-CVE-2021-43797

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty prior to version 4.1.71.Final skips control chars when they are present at the beginning / end of the header name. It should instead fail fa...

6.5CVSS6.9AI score0.02682EPSS
Exploits0References6
Rows per page
Query Builder