SUSE CVE-2022-24823

🗓️ 15 Feb 2023 03:27:35Reported by Suse CVEType

Netty codec-http before 4.1.77.Final may leak data via the local temp directory for uploads on Java 6 Unix-like systems; patch fixes it; workaround is setting the temporary directory or base directory.

Reporter	Title	Published	Views	Family All 121
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty Common	24 Jan 202517:15	–	ibm
IBM Security Bulletins	Security Bulletin: Potential Vulnerability in Apache Solr and Apache Zookeeper shipped with IBM Operations Analytics - Log Analysis (CVE-2022-24823)	12 Sep 202409:24	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Zookeeper affecting IBM QRadar User Behavior Analytics (CVE-2022-2191, CVE-2022-2047, CVE-2022-2048, CVE-2022-24823, CVE-2020-36518)	29 Sep 202214:01	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Netty libraries affect IBM Operations Analytics Predictive Insights (CVE-2021-43797 CVE-2022-24823)	29 Nov 202213:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Netty affect Apache Solr, Apache Zookeeper and Logstash shipped with IBM Operations Analytics - Log Analysis	6 Sep 202408:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities discovered in libraries used by Apache Zookeeper that is included in ITNM (CVE-2020-36518, CVE-2022-2047, CVE-2022-2048, CVE-2022-24823)	4 Jan 202315:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities	7 Jun 202316:53	–	ibm
IBM Security Bulletins	Security Bulletin: Mutiple Vulnerabilties Affecting Watson Machine Learning Accelerator on Cloud Pak for Data version	13 Nov 202315:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOPs	26 Mar 202503:48	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insights 1.6.9 addresses multiple security vulnerabilities.	18 Jul 202313:09	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Tumbleweed	–	any	netty	4.1.114-1.1	netty-4.1.114-1.1.noarch.rpm
OpenSUSE Leap	15.4	any	netty	4.1.90-150200.4.14.1	netty-4.1.90-150200.4.14.1.noarch.rpm
OpenSUSE Leap	15.5	any	netty	4.1.90-150200.4.14.1	netty-4.1.90-150200.4.14.1.noarch.rpm
SUSE Linux Enterprise Server	15.5	any	netty	4.1.90-150200.4.14.1	netty-4.1.90-150200.4.14.1.noarch.rpm
SUSE Linux Enterprise Server	15.6	any	netty	4.1.90-150200.4.14.1	netty-4.1.90-150200.4.14.1.noarch.rpm
SUSE Linux Enterprise Server	15.7	any	netty	4.1.90-150200.4.14.1	netty-4.1.90-150200.4.14.1.noarch.rpm
OpenSUSE Tumbleweed	–	any	netty-javadoc	4.1.114-1.1	netty-javadoc-4.1.114-1.1.noarch.rpm
OpenSUSE Leap	15.4	any	netty-javadoc	4.1.90-150200.4.14.1	netty-javadoc-4.1.90-150200.4.14.1.noarch.rpm
OpenSUSE Leap	15.5	any	netty-javadoc	4.1.90-150200.4.14.1	netty-javadoc-4.1.90-150200.4.14.1.noarch.rpm
SUSE Linux Enterprise Server	15.5	any	netty-javadoc	4.1.90-150200.4.14.1	netty-javadoc-4.1.90-150200.4.14.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2022-24823
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1199338
lists	www.lists.suse.com/pipermail/sle-security-updates/2023-May/014770.html
lists	www.lists.suse.com/pipermail/sle-updates/2023-June/029968.html
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/TNFN6MBU4SQLAGX7GNFLRGTPGY3IBHZG/

15 Aug 2025 23:30Current

7.2High risk

Vulners AI Score7.2

CVSS 3.16.2

EPSS0.01032