Netty

Netty

66 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.3%
  • Veröffentlicht 12.06.2026 14:59:59
  • Zuletzt bearbeitet 15.06.2026 02:30:57

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack similar to HTTP/2 Rapid Reset. There is a setting in ...

  • EPSS 0.23%
  • Veröffentlicht 12.06.2026 14:55:32
  • Zuletzt bearbeitet 15.06.2026 02:31:10

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, before reading the first request-line, `HttpObjectDecoder` skips every byte for which `Character.isISOControl(...

  • EPSS 0.37%
  • Veröffentlicht 12.06.2026 14:52:18
  • Zuletzt bearbeitet 30.06.2026 03:20:45

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count decla...

  • EPSS 0.27%
  • Veröffentlicht 12.06.2026 14:50:43
  • Zuletzt bearbeitet 03.07.2026 13:17:26

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleTrustManagerFactory.engineGetTrustManagers() and related paths wrap any user-supplied plain X509TrustMan...

  • EPSS 0.2%
  • Veröffentlicht 12.06.2026 14:47:09
  • Zuletzt bearbeitet 15.06.2026 02:31:31

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-re...

  • EPSS 0.37%
  • Veröffentlicht 12.06.2026 14:45:04
  • Zuletzt bearbeitet 30.06.2026 03:20:27

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, a memory exhaustion vulnerability in the Netty HTTP/3 codec allows the creation of an infinite number of blocked streams, which c...

  • EPSS 0.61%
  • Veröffentlicht 12.06.2026 14:42:44
  • Zuletzt bearbeitet 09.07.2026 13:17:23

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sen...

  • EPSS 0.59%
  • Veröffentlicht 12.06.2026 14:39:52
  • Zuletzt bearbeitet 09.07.2026 13:17:23

Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the `DelegatingDecompressorFrameListener` class orchestrates HTTP/2 decompression by embe...

  • EPSS 0.49%
  • Veröffentlicht 12.06.2026 14:36:44
  • Zuletzt bearbeitet 30.06.2026 03:20:24

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connecti...

  • EPSS 0.29%
  • Veröffentlicht 12.06.2026 14:33:16
  • Zuletzt bearbeitet 03.07.2026 13:17:23

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning...