CVE-2015-2156
- EPSS 3.27%
- Veröffentlicht 18.10.2017 15:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by ...
CVE-2016-4970
- EPSS 8.23%
- Veröffentlicht 13.04.2017 14:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).
- EPSS 0.64%
- Veröffentlicht 31.07.2014 14:55:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
- EPSS 4.08%
- Veröffentlicht 06.05.2014 14:55:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a ...