exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

CVE-2025-24970

4 месяца назад

Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.

CVSS3: 7.5

EPSS: Низкий

CVE-2025-24970

4 месяца назад

CVSS3: 7.5

EPSS: Низкий

CVE-2025-24970

4 месяца назад

CVSS3: 7.5

EPSS: Низкий

CVE-2025-24970

4 месяца назад

Netty, an asynchronous, event-driven network application framework, ha ...

CVSS3: 7.5

EPSS: Низкий

GHSA-4g8c-wm8x-jfhw

4 месяца назад

SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

CVSS3: 7.5

EPSS: Низкий

BDU:2025-03389

4 месяца назад

Уязвимость сетевого программного средства Netty, связанная с неправильной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

SUSE-SU-2025:0590-1

4 месяца назад

Security update for netty, netty-tcnative

EPSS: Низкий

ROS-20250226-15

4 месяца назад

Множественные уязвимости netty

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-24970 Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.	CVSS3: 7.5	0% Низкий	4 месяца назад
CVE-2025-24970 Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.	CVSS3: 7.5	0% Низкий	4 месяца назад
CVE-2025-24970 Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.	CVSS3: 7.5	0% Низкий	4 месяца назад
CVE-2025-24970 Netty, an asynchronous, event-driven network application framework, ha ...	CVSS3: 7.5	0% Низкий	4 месяца назад
GHSA-4g8c-wm8x-jfhw SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine	CVSS3: 7.5	0% Низкий	4 месяца назад
BDU:2025-03389 Уязвимость сетевого программного средства Netty, связанная с неправильной проверкой входных данных, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	0% Низкий	4 месяца назад
SUSE-SU-2025:0590-1 Security update for netty, netty-tcnative			4 месяца назад
ROS-20250226-15 Множественные уязвимости netty	CVSS3: 7.5		4 месяца назад

Уязвимостей на страницу