Vulnerabilities > Netty

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-41915 Interpretation Conflict vulnerability in multiple products
Netty project is an event-driven asynchronous network application framework.
network
low complexity
netty debian CWE-436
6.5
6.5
2022-12-12 CVE-2022-41881 Uncontrolled Recursion vulnerability in multiple products
Netty project is an event-driven asynchronous network application framework.
network
low complexity
netty debian CWE-674
7.5
7.5
2022-05-06 CVE-2022-24823 Creation of Temporary File in Directory with Incorrect Permissions vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework.
local
low complexity
netty oracle netapp CWE-379
5.5
5.5
2021-12-09 CVE-2021-43797 HTTP Request Smuggling vulnerability in multiple products
Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
low complexity
netty quarkus netapp oracle debian CWE-444
6.5
6.5
2021-10-19 CVE-2021-37136 Resource Exhaustion vulnerability in multiple products
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression).
network
low complexity
netty quarkus oracle netapp debian CWE-400
7.5
7.5
2021-10-19 CVE-2021-37137 Resource Exhaustion vulnerability in multiple products
The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage.
network
low complexity
netty oracle quarkus netapp debian CWE-400
7.5
7.5
2021-03-30 CVE-2021-21409 HTTP Request Smuggling vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. 		4.3
4.3
2021-03-09 CVE-2021-21295 HTTP Request Smuggling vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.
network
high complexity
netty netapp debian quarkus apache oracle CWE-444
2.6
2.6
2021-02-08 CVE-2021-21290 Creation of Temporary File in Directory with Incorrect Permissions vulnerability in multiple products
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. 		1.9
1.9
2020-04-07 CVE-2020-11612 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream.
network
low complexity
netty debian fedoraproject netapp oracle CWE-770
5.0
5.0