Описание
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | released | 4.1.48-6 |
| esm-apps/bionic | released | 1:4.1.7-4ubuntu0.1+esm2 |
| esm-apps/focal | released | 1:4.1.45-1ubuntu0.1~esm1 |
| esm-apps/jammy | released | 1:4.1.48-4+deb11u1build0.22.04.1 |
| esm-apps/noble | released | 4.1.48-6 |
| esm-apps/xenial | released | 1:4.0.34-1ubuntu0.1~esm1 |
| esm-infra-legacy/trusty | needs-triage | |
| focal | ignored | end of standard support, was needed |
| jammy | released | 1:4.1.48-4+deb11u1build0.22.04.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| kinetic | DNE | |
| trusty | ignored | end of standard support |
| upstream | needs-triage | |
| xenial | ignored | end of standard support |
Показывать по
5.3 Medium
CVSS3
Связанные уязвимости
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be raised when parsing a malformed crafted message due to an infinite recursion. This issue is patched in version 4.1.86.Final. There is no workaround, except using a custom HaProxyMessageDecoder.
Netty project is an event-driven asynchronous network application fram ...
Уязвимость сетевого программного средства Netty связана с неконтролируемой рекурсией, позволяющая нарушителю вызвать отказ в обслуживании
5.3 Medium
CVSS3