Netty 4.1.95

CPE Details

Netty 4.1.95
netty
netty
4.1.95
2023-10-18
10h26 +00:00
2023-10-18
10h26 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:netty:netty:4.1.95:*:*:*:*:*:*:*

Informations

Vendor

netty

Product

netty

Version

4.1.95

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-25193 2025-02-10 22h02 +00:00 Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crash. A similar issue was previously reported as CVE-2024-47535. This issue was fixed, but the fix was incomplete in that null-bytes were not counted against the input limit. Commit d1fbda62d3a47835d3fb35db8bd42ecc205a5386 contains an updated fix.
5.5
Medium
CVE-2023-44487 2023-10-10 00h00 +00:00 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
7.5
High