Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netty netty vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-11284
Pivotal Reactor Netty, versions before 0.8.11, passes headers through redirects, including authorization ones. A remote unauthenticated malicious user may gain access to credentials for a different server than they have access to.
Pivotal Reactor Netty
5
CVSSv2
CVE-2019-16869
Netty prior to 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP request smuggling.
Netty Netty
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Redhat Jboss Enterprise Application Platform 7.2
Redhat Jboss Enterprise Application Platform 7.3
Redhat Jboss Enterprise Application Platform 7.4
4.3
CVSSv2
CVE-2015-2156
Netty prior to 3.9.8.Final, 3.10.x prior to 3.10.3.Final, 4.0.x prior to 4.0.28.Final, and 4.1.x prior to 4.1.0.Beta5 and Play Framework 2.x prior to 2.3.9 might allow remote malicious users to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging imp...
Netty Netty 4.0.16
Netty Netty 4.0.17
Netty Netty 4.0.18
Netty Netty 4.0.19
Netty Netty 4.0.20
Netty Netty 4.0.21
Netty Netty 4.0.22
Netty Netty 4.0.23
Netty Netty 4.0.24
Netty Netty 4.0.25
Netty Netty 4.0.26
Netty Netty 4.0.27
Netty Netty
Netty Netty 3.10.0
Netty Netty 3.10.1
Netty Netty 3.10.2
Netty Netty 4.0.1
Netty Netty 4.0.2
Netty Netty 4.0.3
Netty Netty 4.0.4
Netty Netty 4.0.5
Netty Netty 4.0.6
5
CVSSv2
CVE-2017-13763
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited.
Onosproject Onos 1.10.0
Onosproject Onos 1.9.0
Onosproject Onos 1.8.0
5
CVSSv2
CVE-2014-3488
The SslHandler in Netty prior to 3.9.2 allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
Netty Netty 3.8.1
Netty Netty 3.8.0
Netty Netty 3.7.0
Netty Netty 3.6.8
Netty Netty
Netty Netty 3.9.0
Netty Netty 3.6.7
Netty Netty 3.6.5
Netty Netty 3.6.3
Netty Netty 3.6.2
Netty Netty 3.6.1
Netty Netty 3.6.0
Netty Netty 3.9.1
Netty Netty 3.6.6
Netty Netty 3.6.4
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4