Known Vulnerabilities for products from Netty
Listed below are 17 of the newest known vulnerabilities associated with the vendor "Netty".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-42809 | Redisson is a Java Redis client that uses the Netty framework. Prior to version 3.22.0, some of the messages received from th... | Not Provided | 2023-10-04 | 2023-10-04 |
| CVE-2023-34462 | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance pr... | 6.5 - MEDIUM | 2023-06-22 | 2023-08-03 |
| CVE-2022-24823 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2022-05-06 | 2022-12-03 |
| CVE-2021-43797 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2021-12-09 | 2023-02-24 |
| CVE-2021-37137 | The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it ... | 7.5 - HIGH | 2021-10-19 | 2023-02-24 |
| CVE-2021-37136 | The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affec... | 7.5 - HIGH | 2021-10-19 | 2023-02-24 |
| CVE-2021-21409 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... | 5.9 - MEDIUM | 2021-03-30 | 2022-05-12 |
| CVE-2021-21295 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... | 5.9 - MEDIUM | 2021-03-09 | 2022-05-12 |
| CVE-2021-21290 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high p... | 5.5 - MEDIUM | 2021-02-08 | 2022-05-12 |
| CVE-2020-11612 | The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream.... | 7.5 - HIGH | 2020-04-07 | 2022-04-26 |
| CVE-2020-7238 | Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfe... | 7.5 - HIGH | 2020-01-27 | 2021-05-27 |
| CVE-2019-20445 | HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length hea... | 9.1 - CRITICAL | 2020-01-29 | 2021-09-14 |
| CVE-2019-20444 | HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separ... | 9.1 - CRITICAL | 2020-01-29 | 2021-09-14 |
| CVE-2019-16869 | Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" lin... | 7.5 - HIGH | 2019-09-26 | 2022-03-30 |
| CVE-2017-5645 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from... | 9.8 - CRITICAL | 2017-04-17 | 2022-04-04 |
| CVE-2016-4970 | handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cau... | 7.5 - HIGH | 2017-04-13 | 2021-02-14 |
| CVE-2015-2156 | Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framew... | 7.5 - HIGH | 2017-10-18 | 2019-11-25 |
| CVE-2014-3488 | The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption)... | 5 - MEDIUM | 2014-07-31 | 2020-02-19 |
| CVE-2014-0193 | WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x be... | 5 - MEDIUM | 2014-05-06 | 2023-02-13 |
Known software with vulnerabilities from Netty
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Netty | Netty | 3.2.4 |
Trademarks for Netty obtained from uspto.report
| Mark Image | Details |
|---|---|
"NETTY" 97516706 |
NETTY
Netty 2022-07-22 |
Popular searches for "Netty"
Netty Network Analyzer
apps.apple.com/us/app/netty-network-analyzer/id955075829 Search in App StoreApp Store Netty Network Analyzer Utilities fffff 184 N"955075829 : Netty Network Analyzer
Netty: Home
netty.ioNetty: Home W U Sfor rapid development of maintainable high performance protocol servers & clients. Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server. As a result, Netty has succeeded to find a way to achieve ease of development, performance, stability, and flexibility without a compromise.
www.jboss.org/netty www.jboss.org/netty jboss.org/netty www.jboss.org/netty/documentation.html freshmeat.sourceforge.net/urls/7b4675178afe39809df5b7388efef913 www.jboss.org/netty/performance.html www.jboss.org/netty/community.html Netty (software) Server (computing) Communication protocol Client (computing) Software maintenance Network socket Client–server model Computer network User Datagram Protocol Transmission Control Protocol Non-blocking I/O (Java) Computer network programming Rapid application development Thread (computing) Software development Javadoc Streamlines, streaklines, and pathlines Computer performance Supercomputer User guide