CVE-2026-48059 (GCVE-0-2026-48059)
Vulnerability from cvelistv5 – Published: 2026-06-12 14:42 – Updated: 2026-07-03 12:04

| URL | Tags |
|---|---|
| https://github.com/netty/netty/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/netty/netty/releases/tag/netty… | x_refsource_MISC |
| https://github.com/netty/netty/releases/tag/netty… | x_refsource_MISC |
| https://access.redhat.com/security/cve/CVE-2026-48059 | vdb-entry, x_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2488437 | issue-tracking, x_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:26586 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:26018 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:26017 | vendor-advisory, x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:34608 | vendor-advisory, x_refsource_REDHAT |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-48059",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T16:14:17.314653Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T16:19:45.689Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:apache_camel_quarkus:3.33"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.27::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.27.4.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.33::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.33.2.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:2.9::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 2.9.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_broker:7"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Broker 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_spring_boot:4"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel for Spring Boot 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:debezium:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Debezium 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "unaffected",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
}
],
"datePublic": "2026-06-12T14:42:44.677Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T12:04:44.603Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"name": "RHBZ#2488437",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48059.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:26586: Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
},
{
"lang": "en",
"value": "RHSA-2026:26018: Red Hat build of Quarkus 3.27.4.SP1"
},
{
"lang": "en",
"value": "RHSA-2026:26017: Red Hat build of Quarkus 3.33.2.SP1"
},
{
"lang": "en",
"value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-12T16:02:40.032Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-06-12T14:42:44.677Z",
"value": "Made public."
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "netty",
"vendor": "netty",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.2.0.Final, \u003c 4.2.15.Final"
},
{
"status": "affected",
"version": "\u003c 4.1.135.Final"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested `PP2_TYPE_SSL` TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path \u2014 no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the `HAProxyMessage` normally. Yet the underlying cumulation buffer (a pooled, potentially direct `ByteBuf` allocated by the channel) remains permanently pinned. Versions 4.1.135.Final and 4.2.15.Final patch the issue."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-401",
"description": "CWE-401: Missing Release of Memory after Effective Lifetime",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T14:42:44.677Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
},
{
"name": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"name": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
}
],
"source": {
"advisory": "GHSA-h2qv-fj59-j46j",
"discovery": "UNKNOWN"
},
"title": "Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-48059",
"datePublished": "2026-06-12T14:42:44.677Z",
"dateReserved": "2026-05-20T18:25:25.707Z",
"dateUpdated": "2026-07-03T12:04:44.603Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-48059",
"date": "2026-07-04",
"epss": "0.00606",
"percentile": "0.44695"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-48059\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-12T16:16:30.720\",\"lastModified\":\"2026-07-03T13:17:24.540\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested `PP2_TYPE_SSL` TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path \u2014 no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the `HAProxyMessage` normally. Yet the underlying cumulation buffer (a pooled, potentially direct `ByteBuf` allocated by the channel) remains permanently pinned. Versions 4.1.135.Final and 4.2.15.Final patch the issue.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"netty\",\"product\":\"netty\",\"versions\":[{\"version\":\"\u003e= 4.2.0.Final, \u003c 4.2.15.Final\",\"status\":\"affected\"},{\"version\":\"\u003c 4.1.135.Final\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_quarkus:3.33\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.27.4.SP1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.27::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.33.2.SP1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.33::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Streams for Apache Kafka 
2.9.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:2.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Broker 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_broker:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel - HawtIO 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel 4 for Quarkus 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:camel_quarkus:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel for Spring Boot 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:camel_spring_boot:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apicurio_registry:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Debezium 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:debezium:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Keycloak\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:build_keycloak:\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Data Grid 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_data_grid:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Fuse 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_fuse:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform Expansion 
Pack\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jbosseapxp\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"streams for Apache Kafka 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Single Sign-On 7\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:red_hat_single_sign_on:7\"]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modif
iedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-06-12T16:14:17.314653Z\",\"id\":\"CVE-2026-48059\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA 
Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1286\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.135\",\"matchCriteriaId\":\"3097D962-A32D-4467-AAE7-F4CBA3A349D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.2.15\",\"matchCriteriaId\":\"413D4611-A46C-4BE4-AB2F-D86282F65984\"}]}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/releases/tag/netty-4.1.135.Final\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/netty/netty/releases/tag/netty-4.2.15.Final\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor 
Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26018\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26586\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34608\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-48059\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2488437\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48059.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:apache_camel_quarkus:3.33\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.27::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.27.4.SP1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.33::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.33.2.SP1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:2.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Streams for Apache Kafka 2.9.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_broker:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Broker 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4\"], \"vendor\": \"Red Hat\", \"product\": 
\"Red Hat build of Apache Camel - HawtIO 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:camel_quarkus:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel 4 for Quarkus 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:camel_spring_boot:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel for Spring Boot 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apicurio_registry:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:debezium:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Debezium 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:build_keycloak:\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Keycloak\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_data_grid:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Data Grid 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_fuse:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Fuse 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jbosseapxp\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform Expansion Pack\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3\"], \"vendor\": \"Red Hat\", \"product\": \"streams for Apache Kafka 3\", 
\"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_single_sign_on:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Single Sign-On 7\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-06-12T16:02:40.032Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-06-12T14:42:44.677Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:26586: Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26018: Red Hat build of Quarkus 3.27.4.SP1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26017: Red Hat build of Quarkus 3.33.2.SP1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34608: Streams for Apache Kafka 2.9.4\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-06-12T14:42:44.677Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-48059\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2488437\", \"name\": \"RHBZ#2488437\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48059.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26586\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26018\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26017\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34608\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either 
not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1286\", \"description\": \"Improper Validation of Syntactic Correctness of Input\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-03T12:04:44.603Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-48059\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-12T16:14:17.314653Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-12T16:14:22.148Z\"}}], \"cna\": {\"title\": \"Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion\", \"source\": {\"advisory\": \"GHSA-h2qv-fj59-j46j\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 8.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N\", 
\"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 4.2.0.Final, \u003c 4.2.15.Final\"}, {\"status\": \"affected\", \"version\": \"\u003c 4.1.135.Final\"}]}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j\", \"name\": \"https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/netty/netty/releases/tag/netty-4.1.135.Final\", \"name\": \"https://github.com/netty/netty/releases/tag/netty-4.1.135.Final\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/netty/netty/releases/tag/netty-4.2.15.Final\", \"name\": \"https://github.com/netty/netty/releases/tag/netty-4.2.15.Final\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested `PP2_TYPE_SSL` TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path \\u2014 no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the `HAProxyMessage` normally. Yet the underlying cumulation buffer (a pooled, potentially direct `ByteBuf` allocated by the channel) remains permanently pinned. 
Versions 4.1.135.Final and 4.2.15.Final patch the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-401\", \"description\": \"CWE-401: Missing Release of Memory after Effective Lifetime\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-12T14:42:44.677Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-48059\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-03T12:04:44.603Z\", \"dateReserved\": \"2026-05-20T18:25:25.707Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-06-12T14:42:44.677Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-48059
Vulnerability from fkie_nvd - Published: 2026-06-12 16:16 - Updated: 2026-07-03 13:17 - 7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
{
"affected": [
{
"affectedData": [
{
"product": "netty",
"vendor": "netty",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.2.0.Final, \u003c 4.2.15.Final"
},
{
"status": "affected",
"version": "\u003c 4.1.135.Final"
}
]
}
],
"source": "security-advisories@github.com"
},
{
"affectedData": [
{
"cpes": [
"cpe:/a:redhat:apache_camel_quarkus:3.33"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.27::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.27.4.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.33::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.33.2.SP1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:2.9::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 2.9.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_broker:7"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Broker 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_spring_boot:4"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel for Spring Boot 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:debezium:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Debezium 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"product": "Red Hat Data Grid 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "unaffected",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
}
],
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3097D962-A32D-4467-AAE7-F4CBA3A349D2",
"versionEndExcluding": "4.1.135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "413D4611-A46C-4BE4-AB2F-D86282F65984",
"versionEndExcluding": "4.2.15",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested `PP2_TYPE_SSL` TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path \u2014 no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the `HAProxyMessage` normally. Yet the underlying cumulation buffer (a pooled, potentially direct `ByteBuf` allocated by the channel) remains permanently pinned. Versions 4.1.135.Final and 4.2.15.Final patch the issue."
}
],
"id": "CVE-2026-48059",
"lastModified": "2026-07-03T13:17:24.540",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-48059",
"options": [
{
"exploitation": "none"
},
{
"automatable": "yes"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T16:14:17.314653Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-06-12T16:16:30.720",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-48059.json"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1286"
}
],
"source": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"type": "Secondary"
}
]
}
GHSA-H2QV-FJ59-J46J
Vulnerability from github – Published: 2026-06-11 20:19 – Updated: 2026-06-12 19:31
Impact
The HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested PP2_TYPE_SSL TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path — no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the HAProxyMessage normally. Yet the underlying cumulation buffer (a pooled, potentially direct ByteBuf allocated by the channel) remains permanently pinned.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.2.14.Final"
},
"package": {
"ecosystem": "Maven",
"name": "io.netty:netty-codec-haproxy"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0.Final"
},
{
"fixed": "4.2.15.Final"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.1.134.Final"
},
"package": {
"ecosystem": "Maven",
"name": "io.netty:netty-codec-haproxy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.135.Final"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-48059"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-11T20:19:27Z",
"nvd_published_at": "2026-06-12T16:16:30Z",
"severity": "HIGH"
},
"details": "### Impact\nThe HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested `PP2_TYPE_SSL` TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path \u2014 no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the `HAProxyMessage` normally. Yet the underlying cumulation buffer (a pooled, potentially direct `ByteBuf` allocated by the channel) remains permanently pinned.",
"id": "GHSA-h2qv-fj59-j46j",
"modified": "2026-06-12T19:31:49Z",
"published": "2026-06-11T20:19:27Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"type": "PACKAGE",
"url": "https://github.com/netty/netty"
},
{
"type": "WEB",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"type": "WEB",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion"
}
OPENSUSE-SU-2026:11033-1
Vulnerability from csaf_opensuse - Published: 2026-06-15 00:00 - Updated: 2026-06-15 00:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | — | | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| netty-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| netty-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| netty-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| netty-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| netty-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-bom-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-javadoc-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64 | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.s390x as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x | 4.1.135-1.1 | Vendor Fix |
| netty-parent-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed | openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64 | 4.1.135-1.1 | Vendor Fix |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "netty-4.1.135-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the netty-4.1.135-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-11033",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_11033-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-44249 page",
"url": "https://www.suse.com/security/cve/CVE-2026-44249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-44250 page",
"url": "https://www.suse.com/security/cve/CVE-2026-44250/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-44890 page",
"url": "https://www.suse.com/security/cve/CVE-2026-44890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-44893 page",
"url": "https://www.suse.com/security/cve/CVE-2026-44893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45416 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45536 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45673 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46340 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46340/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-47691 page",
"url": "https://www.suse.com/security/cve/CVE-2026-47691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48006 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48043 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-48059 page",
"url": "https://www.suse.com/security/cve/CVE-2026-48059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-50010 page",
"url": "https://www.suse.com/security/cve/CVE-2026-50010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-50011 page",
"url": "https://www.suse.com/security/cve/CVE-2026-50011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-50020 page",
"url": "https://www.suse.com/security/cve/CVE-2026-50020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-50560 page",
"url": "https://www.suse.com/security/cve/CVE-2026-50560/"
}
],
"title": "netty-4.1.135-1.1 on GA media",
"tracking": {
"current_release_date": "2026-06-15T00:00:00Z",
"generator": {
"date": "2026-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:11033-1",
"initial_release_date": "2026-06-15T00:00:00Z",
"revision_history": [
{
"date": "2026-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.135-1.1.aarch64",
"product": {
"name": "netty-4.1.135-1.1.aarch64",
"product_id": "netty-4.1.135-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "netty-bom-4.1.135-1.1.aarch64",
"product": {
"name": "netty-bom-4.1.135-1.1.aarch64",
"product_id": "netty-bom-4.1.135-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.135-1.1.aarch64",
"product": {
"name": "netty-javadoc-4.1.135-1.1.aarch64",
"product_id": "netty-javadoc-4.1.135-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "netty-parent-4.1.135-1.1.aarch64",
"product": {
"name": "netty-parent-4.1.135-1.1.aarch64",
"product_id": "netty-parent-4.1.135-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.135-1.1.ppc64le",
"product": {
"name": "netty-4.1.135-1.1.ppc64le",
"product_id": "netty-4.1.135-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "netty-bom-4.1.135-1.1.ppc64le",
"product": {
"name": "netty-bom-4.1.135-1.1.ppc64le",
"product_id": "netty-bom-4.1.135-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.135-1.1.ppc64le",
"product": {
"name": "netty-javadoc-4.1.135-1.1.ppc64le",
"product_id": "netty-javadoc-4.1.135-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "netty-parent-4.1.135-1.1.ppc64le",
"product": {
"name": "netty-parent-4.1.135-1.1.ppc64le",
"product_id": "netty-parent-4.1.135-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.135-1.1.s390x",
"product": {
"name": "netty-4.1.135-1.1.s390x",
"product_id": "netty-4.1.135-1.1.s390x"
}
},
{
"category": "product_version",
"name": "netty-bom-4.1.135-1.1.s390x",
"product": {
"name": "netty-bom-4.1.135-1.1.s390x",
"product_id": "netty-bom-4.1.135-1.1.s390x"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.135-1.1.s390x",
"product": {
"name": "netty-javadoc-4.1.135-1.1.s390x",
"product_id": "netty-javadoc-4.1.135-1.1.s390x"
}
},
{
"category": "product_version",
"name": "netty-parent-4.1.135-1.1.s390x",
"product": {
"name": "netty-parent-4.1.135-1.1.s390x",
"product_id": "netty-parent-4.1.135-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "netty-4.1.135-1.1.x86_64",
"product": {
"name": "netty-4.1.135-1.1.x86_64",
"product_id": "netty-4.1.135-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "netty-bom-4.1.135-1.1.x86_64",
"product": {
"name": "netty-bom-4.1.135-1.1.x86_64",
"product_id": "netty-bom-4.1.135-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "netty-javadoc-4.1.135-1.1.x86_64",
"product": {
"name": "netty-javadoc-4.1.135-1.1.x86_64",
"product_id": "netty-javadoc-4.1.135-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "netty-parent-4.1.135-1.1.x86_64",
"product": {
"name": "netty-parent-4.1.135-1.1.x86_64",
"product_id": "netty-parent-4.1.135-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64"
},
"product_reference": "netty-4.1.135-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le"
},
"product_reference": "netty-4.1.135-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.135-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.135-1.1.s390x"
},
"product_reference": "netty-4.1.135-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64"
},
"product_reference": "netty-4.1.135-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-bom-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64"
},
"product_reference": "netty-bom-4.1.135-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-bom-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le"
},
"product_reference": "netty-bom-4.1.135-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-bom-4.1.135-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x"
},
"product_reference": "netty-bom-4.1.135-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-bom-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64"
},
"product_reference": "netty-bom-4.1.135-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64"
},
"product_reference": "netty-javadoc-4.1.135-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le"
},
"product_reference": "netty-javadoc-4.1.135-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.135-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x"
},
"product_reference": "netty-javadoc-4.1.135-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-javadoc-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64"
},
"product_reference": "netty-javadoc-4.1.135-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-parent-4.1.135-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64"
},
"product_reference": "netty-parent-4.1.135-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-parent-4.1.135-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le"
},
"product_reference": "netty-parent-4.1.135-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-parent-4.1.135-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x"
},
"product_reference": "netty-parent-4.1.135-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "netty-parent-4.1.135-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
},
"product_reference": "netty-parent-4.1.135-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-44249"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo(). Valid public IP addresses can bypass the restrictions. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-44249",
"url": "https://www.suse.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "SUSE Bug 1268165 for CVE-2026-44249",
"url": "https://bugzilla.suse.com/1268165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-44249"
},
{
"cve": "CVE-2026-44250",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-44250"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive number of state objects and collections, leading to memory exhaustion and an OutOfMemoryError. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-44250",
"url": "https://www.suse.com/security/cve/CVE-2026-44250"
},
{
"category": "external",
"summary": "SUSE Bug 1268169 for CVE-2026-44250",
"url": "https://bugzilla.suse.com/1268169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-44250"
},
{
"cve": "CVE-2026-44890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-44890"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending crafted Redis payloads across multiple connections without `\\r\\n`. This exhausts the server\u0027s direct memory pool (OutOfDirectMemoryError), preventing legitimate connections from being processed. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-44890",
"url": "https://www.suse.com/security/cve/CVE-2026-44890"
},
{
"category": "external",
"summary": "SUSE Bug 1268170 for CVE-2026-44890",
"url": "https://bugzilla.suse.com/1268170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-44890"
},
{
"cve": "CVE-2026-44893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-44893"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. In netty-codec-haproxy prior to versions 4.1.135.Final and 4.2.15.Final, when decoding a PP2_TYPE_SSL TLV, HAProxyMessage.readNextTLV() first calls `header.retainedSlice(header.readerIndex(), length)` and only then reads the 1-byte client field and 4-byte verify field. If the attacker sets the TLV length below 5, the subsequent readByte/readInt throws IndexOutOfBoundsException. HAProxyMessageDecoder only catches HAProxyProtocolException around this call, so the IOOBE propagates and the retained slice on the pooled cumulation buffer is never released. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-44893",
"url": "https://www.suse.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "SUSE Bug 1268244 for CVE-2026-44893",
"url": "https://bugzilla.suse.com/1268244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-44893"
},
{
"cve": "CVE-2026-45416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45416"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode() reads the 24-bit TLS handshake length and, when the ClientHello does not fit in the first record, eagerly allocates `ctx.alloc().buffer(handshakeLength)` (line 161). The guard at line 140 is `handshakeLength \u003e maxClientHelloLength \u0026\u0026 maxClientHelloLength != 0`, and the commonly-used SniHandler/AbstractSniHandler constructors (SniHandler(Mapping), SniHandler(AsyncMapping), AbstractSniHandler()) pass maxClientHelloLength=0 and handshakeTimeoutMillis=0, so the length guard is disabled and no timeout is scheduled. A 16 MiB request exceeds the default pooled chunk size and becomes a huge/unpooled allocation performed immediately. The buffer is retained in the handler until the channel closes. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45416",
"url": "https://www.suse.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "SUSE Bug 1268246 for CVE-2026-45416",
"url": "https://bugzilla.suse.com/1268246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-45416"
},
{
"cve": "CVE-2026-45536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45536"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, netty_unix_socket_recvFd sets msg_control to `char control[CMSG_SPACE(sizeof(int))]` (line 940) - 24 bytes on 64-bit Linux. A peer-sent SCM_RIGHTS cmsg carrying two ints has cmsg_len = CMSG_LEN(8) = 24, which fits exactly with no MSG_CTRUNC, so the kernel installs both fds in the receiving process. The subsequent check `cmsg-\u003ecmsg_len == CMSG_LEN(sizeof(int))` (line 972, expected 20) fails, the branch that would read the fd is skipped, and neither installed fd is closed. The for(;;) loop calls recvmsg again (non-blocking -\u003e EAGAIN -\u003e Java maps to 0 -\u003e read loop exits normally), leaving two leaked fds per message. There is no MSG_CTRUNC handling. Reachable via Epoll/KQueue DomainSocketChannel when the application opts into DomainSocketReadMode.FILE_DESCRIPTORS (non-default). Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45536",
"url": "https://www.suse.com/security/cve/CVE-2026-45536"
},
{
"category": "external",
"summary": "SUSE Bug 1268247 for CVE-2026-45536",
"url": "https://bugzilla.suse.com/1268247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45536"
},
{
"cve": "CVE-2026-45673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45673"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty\u0027s DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning (Kaminsky attack). Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45673",
"url": "https://www.suse.com/security/cve/CVE-2026-45673"
},
{
"category": "external",
"summary": "SUSE Bug 1268248 for CVE-2026-45673",
"url": "https://bugzilla.suse.com/1268248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-45673"
},
{
"cve": "CVE-2026-45674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45674"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty\u0027s DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45674",
"url": "https://www.suse.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "SUSE Bug 1268249 for CVE-2026-45674",
"url": "https://bugzilla.suse.com/1268249"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-45674"
},
{
"cve": "CVE-2026-46340",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46340"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessage fragment the handler does `fragments.put(streamId, Unpooled.wrappedBuffer(frag, byteBuf))`, wrapping the previous accumulator and the new slice into a *new* CompositeByteBuf every time. After N fragments the accumulator is an N-deep chain of composites, each holding references and component arrays; readableBytes()/getBytes() on the final buffer recurse N levels. There is no limit on N, on total bytes, or on the number of streamIdentifiers an attacker can open (each gets its own map entry). A peer that never sets the `complete` flag can grow this structure indefinitely from tiny 1-byte DATA chunks. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46340",
"url": "https://www.suse.com/security/cve/CVE-2026-46340"
},
{
"category": "external",
"summary": "SUSE Bug 1268250 for CVE-2026-46340",
"url": "https://bugzilla.suse.com/1268250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-46340"
},
{
"cve": "CVE-2026-47244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47244"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, DefaultHttp2Connection.DefaultEndpoint initialises maxActiveStreams/maxStreams to Integer.MAX_VALUE, and Http2Settings never inserts SETTINGS_MAX_CONCURRENT_STREAMS by default (Http2Settings.java:305-307 only clamps a user-supplied value). Unless the application explicitly calls initialSettings().maxConcurrentStreams(n), a Netty HTTP/2 server advertises no limit and enforces none locally. Each open stream allocates a DefaultStream object, PropertyMap slots, flow-controller state and IntObjectHashMap entry; with ~2^30 permissible odd stream IDs a single TCP connection can create hundreds of thousands of long-lived stream objects. This is also the precondition for CVE-2023-44487-style Rapid-Reset amplification, where the absence of a low concurrent cap multiplies backend work. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47244",
"url": "https://www.suse.com/security/cve/CVE-2026-47244"
},
{
"category": "external",
"summary": "SUSE Bug 1268251 for CVE-2026-47244",
"url": "https://bugzilla.suse.com/1268251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-47244"
},
{
"cve": "CVE-2026-47691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-47691"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty\u0027s `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name server for a subdomain can poison the cache for parent domains (like `.co.uk`). The `io.netty.resolver.dns.DnsResolveContext.AuthoritativeNameServerList#add` method accepts any NS record from the AUTHORITY section as long as the record\u0027s name is a suffix of the questionName. Subsequently, the `handleWithAdditional` method caches the associated A records from the ADDITIONAL section directly into the `authoritativeDnsServerCache` under the parent domain\u0027s key. This bypasses standard bailiwick rules, where a server authoritative for a subdomain should not be trusted to provide authoritative records for its parent. The poisoned cache is then used for all future resolutions under the parent domain\u0027s key. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-47691",
"url": "https://www.suse.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "SUSE Bug 1268252 for CVE-2026-47691",
"url": "https://bugzilla.suse.com/1268252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-47691"
},
{
"cve": "CVE-2026-48006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48006"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the RedisArrayAggregator handler permanently leaks pooled direct-memory buffers when a Redis pipeline connection closes before a RESP array aggregate completes. The handler retains child messages in per-handler state (`depths` field) but defines no `channelInactive`, `handlerRemoved`, or `exceptionCaught` method to release them when the pipeline tears down. Because the leaked buffers are slices of `PooledByteBufAllocator` chunks, they prevent those chunks from being returned to the JVM-wide direct-memory pool. Repeated connection churn by any network peer monotonically drains this shared pool, eventually causing allocation failures on all Netty channels in the process. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48006",
"url": "https://www.suse.com/security/cve/CVE-2026-48006"
},
{
"category": "external",
"summary": "SUSE Bug 1268255 for CVE-2026-48006",
"url": "https://bugzilla.suse.com/1268255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48006"
},
{
"cve": "CVE-2026-48043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48043"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. In netty-codec-http2 prior to versions 4.1.135.Final and 4.2.15.Final, the `DelegatingDecompressorFrameListener` class orchestrates HTTP/2 decompression by embedding a per-stream `EmbeddedChannel` that runs the appropriate decompression codec (gzip, deflate, zstd) and forwards decompressed chunks to a wrapped listener. Each decompressed chunk is a pooled `ByteBuf` handed to an anonymous `ChannelInboundHandlerAdapter` tail handler, which becomes the sole owner responsible for releasing it. A remote peer could send frames that would cause the flow-controller to throw, so that the chunk is never released; the resulting resource leak can eventually take down the whole JVM due to an OOME. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48043",
"url": "https://www.suse.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "SUSE Bug 1268257 for CVE-2026-48043",
"url": "https://bugzilla.suse.com/1268257"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48043"
},
{
"cve": "CVE-2026-48059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-48059"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nested `PP2_TYPE_SSL` TLVs (type-length-value records) at depth two or greater. The leak occurs on the successful parse path - no exception is thrown, the message fires downstream, the decoder removes itself, and the application releases the `HAProxyMessage` normally. Yet the underlying cumulation buffer (a pooled, potentially direct `ByteBuf` allocated by the channel) remains permanently pinned. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-48059",
"url": "https://www.suse.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "SUSE Bug 1268258 for CVE-2026-48059",
"url": "https://bugzilla.suse.com/1268258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-48059"
},
{
"cve": "CVE-2026-50010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-50010"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SimpleTrustManagerFactory.engineGetTrustManagers() and related paths wrap any user-supplied plain X509TrustManager in X509TrustManagerWrapper, which extends X509ExtendedTrustManager but implements the 3-arg checkServerTrusted(chain, authType, SSLEngine) by discarding the SSLEngine and calling the 2-arg delegate. Because the object now IS an X509ExtendedTrustManager, neither SunJSSE\u0027s internal AbstractTrustManagerWrapper nor Netty\u0027s own OpenSslX509TrustManagerWrapper will re-wrap it to add endpoint-identification. Consequently, even though Netty 4.2 sets endpointIdentificationAlgorithm=\"HTTPS\" by default, a client built with `SslContextBuilder.forClient().trustManager(somePlainX509TrustManager)` performs no hostname verification at all. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-50010",
"url": "https://www.suse.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "SUSE Bug 1268259 for CVE-2026-50010",
"url": "https://bugzilla.suse.com/1268259"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-50010"
},
{
"cve": "CVE-2026-50011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-50011"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, RedisArrayAggregator pre-allocates ArrayList with initial capacity equal to the RESP array element count declared in an array header. That count is taken from the wire before the corresponding child messages exist. A small malicious header can claim a huge initial capacity. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-50011",
"url": "https://www.suse.com/security/cve/CVE-2026-50011"
},
{
"category": "external",
"summary": "SUSE Bug 1268260 for CVE-2026-50011",
"url": "https://bugzilla.suse.com/1268260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-50011"
},
{
"cve": "CVE-2026-50020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-50020"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, before reading the first request-line, `HttpObjectDecoder` skips every byte for which `Character.isISOControl(b)` is `true` (0x00-0x1F and 0x7F) as well as all whitespace. RFC 9112 Section 2.2 only asks servers to ignore empty CRLF lines preceding the request-line - a carefully scoped robustness allowance intended to handle HTTP/1.0 POST workarounds. Silently absorbing NUL bytes, SOH, STX, and other non-CRLF control characters goes significantly beyond this, and can be exploited for request-boundary confusion in pipelined or multiplexed transports where a front-end component treats those bytes differently. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-50020",
"url": "https://www.suse.com/security/cve/CVE-2026-50020"
},
{
"category": "external",
"summary": "SUSE Bug 1268261 for CVE-2026-50020",
"url": "https://bugzilla.suse.com/1268261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-50020"
},
{
"cve": "CVE-2026-50560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-50560"
}
],
"notes": [
{
"category": "general",
"text": "Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack similar to HTTP/2 Rapid Reset. There is a setting in the http2 specification called `SETTINGS_MAX_HEADER_LIST_SIZE`. When a client sends that setting to Netty, it appears that Netty will behave as follows: read the request; proxy the request to the origin; attempt to produce a response; and create an exception while writing the headers for the response. Functionally, this should be similar to the http2 reset attack, but with a different on-the-wire signature. Versions 4.1.135.Final and 4.2.15.Final patch the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-50560",
"url": "https://www.suse.com/security/cve/CVE-2026-50560"
},
{
"category": "external",
"summary": "SUSE Bug 1268262 for CVE-2026-50560",
"url": "https://bugzilla.suse.com/1268262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:netty-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-bom-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-javadoc-4.1.135-1.1.x86_64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.aarch64",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.ppc64le",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.s390x",
"openSUSE Tumbleweed:netty-parent-4.1.135-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-50560"
}
]
}
RHSA-2026:26017
Vulnerability from csaf_redhat - Published: 2026-06-17 15:45 - Updated: 2026-07-04 11:09
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty's DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator (PRNG) for DNS transaction IDs and a static User Datagram Protocol (UDP) source port. This combination significantly reduces the randomness of DNS queries, making it easier for a remote attacker to perform DNS Cache Poisoning, also known as a Kaminsky attack. Successful exploitation could allow an attacker to redirect network traffic to malicious servers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a large number of HTTP/2 stream requests to a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams, it can lead to the allocation of numerous long-lived stream objects. This excessive resource consumption can result in a denial of service (DoS), making the server unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty's `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary confusion in systems that use pipelined or multiplexed transports. An attacker could exploit this to cause a front-end component to misinterpret HTTP request boundaries, potentially resulting in low integrity impact, such as unintended data manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 (Hypertext Transfer Protocol version 2) maximum header size handling. By sending a specific SETTINGS_MAX_HEADER_LIST_SIZE setting, an attacker can cause Netty to produce an exception when writing response headers. This issue is similar to an HTTP/2 Rapid Reset attack and can lead to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat build of Quarkus 3.33.2.SP1 (Red Hat / Red Hat build of Quarkus) | cpe:/a:redhat:quarkus:3.33::el8 | — | Vendor Fix (fix); Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 3.33.2.SP1 includes the following CVE fixes:\n\n* quarkus-vertx-http: Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities [quarkus-3.33] (CVE-2026-50559)\n\n* vertx-core: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name [quarkus-3.33] (CVE-2026-6860)\n\n* netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation [quarkus-3.33] (CVE-2026-44249)\n\n* netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message [quarkus-3.33] (CVE-2026-44893)\n\n* netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak [quarkus-3.33] (CVE-2026-48043)\n\n* netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers [quarkus-3.33] (CVE-2026-48059)\n\n* netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records [quarkus-3.33] (CVE-2026-47691)\n\n* netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass [quarkus-3.33] (CVE-2026-50010)\n\n* netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder [quarkus-3.33] (CVE-2026-50020)\n\n* netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation [quarkus-3.33] (CVE-2026-45674)\n\n* netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake [quarkus-3.33] (CVE-2026-45416)\n\n* netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling [quarkus-3.33] (CVE-2026-50560)\n\n* netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams [quarkus-3.33] (CVE-2026-47244)\n\n* netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs [quarkus-3.33] (CVE-2026-45673)\n\nFor more information, see the release notes page listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26017",
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/quarkus/",
"url": "https://access.redhat.com/products/quarkus/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.33.2.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.33.2.SP1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.33",
"url": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.33"
},
{
"category": "external",
"summary": "QUARKUS-7955",
"url": "https://issues.redhat.com/browse/QUARKUS-7955"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26017.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 3.33.2.SP1 security update",
"tracking": {
"current_release_date": "2026-07-04T11:09:22+00:00",
"generator": {
"date": "2026-07-04T11:09:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26017",
"initial_release_date": "2026-06-17T15:45:05+00:00",
"revision_history": [
{
"date": "2026-06-17T15:45:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-17T15:45:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T11:09:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 3.33.2.SP1",
"product": {
"name": "Red Hat build of Quarkus 3.33.2.SP1",
"product_id": "Red Hat build of Quarkus 3.33.2.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:3.33::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-6860",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-06T10:01:43.929832+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466990"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Moderate because a remote attacker can trigger a denial of service in Red Hat products that use `eclipse-vertx/vert.x` and are configured with TLS wildcard server names. Exploitation occurs during the TLS handshake, impacting service availability without affecting data confidentiality or integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6860"
},
{
"category": "external",
"summary": "RHBZ#2466990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466990"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/6102",
"url": "https://github.com/eclipse-vertx/vert.x/pull/6102"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6",
"url": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381",
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381"
}
],
"release_date": "2026-05-06T09:55:12.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name"
},
{
"cve": "CVE-2026-44249",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-06-11T22:02:05.327173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "RHBZ#2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
}
],
"release_date": "2026-06-11T20:46:14.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
},
{
"cve": "CVE-2026-44893",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-06-12T15:01:18.066312+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because a remote, unauthenticated attacker can trigger a denial of service in applications utilizing `netty-codec-haproxy`. By sending a specially crafted HAProxy message with a malformed SSL TLV header, an attacker can cause an `IndexOutOfBoundsException`, leading to unreleased memory and resource exhaustion. This can render the affected application unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "RHBZ#2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
}
],
"release_date": "2026-06-12T14:00:25.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
},
{
"cve": "CVE-2026-45416",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:01:45.671884+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488391"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Netty is rated as Important. It allows a remote attacker to trigger a denial of service by sending a specially crafted TLS ClientHello message. The flaw arises from an eager, unbounded memory allocation during the TLS handshake, particularly when default configurations disable the maximum client hello length guard, leading to excessive resource consumption in affected Red Hat products utilizing Netty.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "RHBZ#2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
}
],
"release_date": "2026-06-12T14:10:05.585000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure applications utilizing Netty\u0027s `SslClientHelloHandler` to specify a non-zero value for the `maxClientHelloLength` parameter. This will enable the internal length validation, preventing the eager allocation of large memory buffers when processing crafted TLS ClientHello messages. Refer to your specific application\u0027s documentation for details on configuring Netty\u0027s TLS handler. A restart of the affected application or service is required for the configuration changes to take effect.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake"
},
{
"cve": "CVE-2026-45673",
"cwe": {
"id": "CWE-1241",
"name": "Use of Predictable Algorithm in Random Number Generator"
},
"discovery_date": "2026-06-12T15:01:28.171757+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator (PRNG) for DNS transaction IDs and a static User Datagram Protocol (UDP) source port. This combination significantly reduces the randomness of DNS queries, making it easier for a remote attacker to perform DNS Cache Poisoning, of which the Kaminsky attack is the best-known form: an attacker who can predict the transaction ID and source port can forge a response that the resolver accepts and caches before the legitimate answer arrives. Successful exploitation could allow an attacker to redirect network traffic to malicious servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate: This flaw in Netty\u0027s DNS resolver could allow a remote attacker to perform DNS cache poisoning. The vulnerability stems from the use of a predictable pseudo-random number generator for DNS transaction IDs and a static UDP source port, which reduces the entropy of DNS queries. This makes it easier for an attacker to redirect network traffic to malicious servers, potentially leading to traffic interception or Man-in-the-Middle attacks for applications using the default Netty DNS resolver in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45673"
},
{
"category": "external",
"summary": "RHBZ#2488386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45673"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78"
}
],
"release_date": "2026-06-12T14:16:03.968000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs"
},
{
"cve": "CVE-2026-45674",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T15:02:15.565158+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488400"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because DnsResolveContext does not check that CNAME records in a response fall within the bailiwick (zone of authority) of the server that returned them, so an out-of-bailiwick CNAME supplied in a response can be accepted and followed, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important severity flaw in Netty\u0027s DnsResolveContext allows a remote attacker to achieve information disclosure or data manipulation. By crafting malicious DNS responses, an attacker could redirect network traffic or intercept sensitive data, impacting applications utilizing Netty for DNS resolution in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "RHBZ#2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
}
],
"release_date": "2026-06-12T14:17:50.203000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation"
},
{
"cve": "CVE-2026-47244",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:02:11.516632+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488399"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a large number of HTTP/2 stream requests to a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams, it can lead to the allocation of numerous long-lived stream objects. This excessive resource consumption can result in a denial of service (DoS), making the server unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate impact flaw in Netty\u0027s HTTP/2 implementation can lead to a denial of service in Red Hat products that utilize Netty as an HTTP/2 server without explicitly configured limits on concurrent streams. An attacker can exhaust server resources by initiating numerous HTTP/2 stream requests, rendering the service unavailable. The impact is limited to denial of service and is only exploitable when the server has not been configured with an explicit limit on concurrent HTTP/2 streams.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47244"
},
{
"category": "external",
"summary": "RHBZ#2488399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47244",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47244"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q"
}
],
"release_date": "2026-06-12T14:23:50.316000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Configure affected applications using Netty HTTP/2 servers to explicitly set a maximum concurrent streams limit (the value a server advertises to clients as HTTP/2 SETTINGS_MAX_CONCURRENT_STREAMS). Consult product-specific documentation for instructions on how to apply this configuration. Additionally, restrict network access to affected services to trusted clients and networks by implementing firewall rules or other network access controls. Both measures may impact legitimate traffic if not carefully configured; a concurrent-stream limit that is too low will reject legitimate parallel requests.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams"
},
{
"cve": "CVE-2026-47691",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T16:02:45.855856+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488439"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Netty\u0027s DNS resolution component, `netty-resolver-dns`, allows for DNS cache poisoning. An attacker with control over an authoritative name server for a subdomain could exploit this vulnerability to inject malicious NS records into the cache for parent domains. This could lead to redirection of network traffic, impacting the confidentiality and integrity of services relying on DNS resolution within affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "RHBZ#2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
}
],
"release_date": "2026-06-12T14:33:16.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records"
},
{
"cve": "CVE-2026-48043",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:56.371830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in netty-codec-http2, affecting Red Hat products that utilize HTTP/2 communication with content decompression enabled, that is, with a `DelegatingDecompressorFrameListener` in the channel pipeline. A remote attacker can exploit a resource leak in the `DelegatingDecompressorFrameListener` by sending malformed HTTP/2 frames, potentially leading to an Out Of Memory Error and causing the Java Virtual Machine to terminate. This could disrupt service availability in affected deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "RHBZ#2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
}
],
"release_date": "2026-06-12T14:39:52.498000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
},
{
"cve": "CVE-2026-48059",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-06-12T16:02:40.032749+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Netty HAProxy PROXY protocol v2 codec, which can lead to a denial of service. A remote attacker can trigger a memory leak by sending a specially crafted HAProxy PROXY protocol v2 header with deeply nested SSL TLV records, causing resource exhaustion in affected Red Hat products that utilize this codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "RHBZ#2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
}
],
"release_date": "2026-06-12T14:42:44.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
},
{
"cve": "CVE-2026-50010",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-06-12T16:02:13.735675+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), the server certificate chain is validated but the certificate is not checked against the hostname the client intended to connect to, so an attacker holding any certificate that the trust manager accepts can impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Netty that affects Red Hat products utilizing the `netty-handler` component, including various Red Hat AMQ, Enterprise Application Platform, and OpenShift offerings. The vulnerability arises when a Netty client is configured with a plain X.509 Trust Manager, leading to a bypass of hostname verification. This oversight allows a remote attacker to perform man-in-the-middle attacks by impersonating a legitimate server, potentially compromising sensitive data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "RHBZ#2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
}
],
"release_date": "2026-06-12T14:50:43.151000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass"
},
{
"cve": "CVE-2026-50020",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-06-12T16:01:51.804290+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488421"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. The HttpObjectDecoder component, which parses incoming HTTP requests, skips certain control characters and whitespace before reading the request-line. This leniency goes beyond what the HTTP specification requires, so a front-end component (such as a reverse proxy) and a Netty back-end can disagree about where one request ends and the next begins on a connection that carries multiple requests (pipelined or multiplexed transports). An attacker can exploit this request-boundary confusion to make the front-end misinterpret HTTP request boundaries (request smuggling), potentially resulting in low integrity impact, such as unintended data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate flaw in Netty\u0027s HttpObjectDecoder could lead to data manipulation in Red Hat products utilizing pipelined or multiplexed HTTP transports. The vulnerability arises from the decoder\u0027s over-permissive handling of control characters and whitespace, which can cause front-end components to misinterpret HTTP request boundaries. Exploitation requires a specific network configuration where front-end and back-end components process HTTP requests inconsistently, limiting the immediate impact on default installations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50020"
},
{
"category": "external",
"summary": "RHBZ#2488421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488421"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50020"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c",
"url": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c"
}
],
"release_date": "2026-06-12T14:55:32.165000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder"
},
{
"cve": "CVE-2026-50559",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-06-09T10:55:32.426000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2486959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. HTTP path-based authorization policies are evaluated against the request path before it has been fully decoded and normalized (CWE-551: authorization before parsing and canonicalization). A remote attacker can therefore send a request whose path contains encoded semicolons, slashes, or backslashes so that it does not match the protected path pattern at policy-evaluation time but still resolves to a protected static resource afterwards. This could allow unauthorized access to protected static resources, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Quarkus where HTTP path-based authorization policies can be bypassed by a remote attacker. Specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes can circumvent security controls, allowing unauthorized access to protected static resources and leading to information disclosure. The exposure is greatest in deployments where Quarkus applications serve sensitive static content and rely solely on path-based authorization, since no second authorization check stands between the bypassed policy and the resource.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "RHBZ#2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50559",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v"
}
],
"release_date": "2026-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters"
},
{
"cve": "CVE-2026-50560",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T16:00:59.240952+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. Netty\u0027s HTTP/2 (Hypertext Transfer Protocol version 2) implementation mishandles the SETTINGS_MAX_HEADER_LIST_SIZE setting, which a peer uses to advertise the maximum header list size it is prepared to accept (see RFC 9113, defined settings). A remote attacker can send a SETTINGS frame carrying a specific SETTINGS_MAX_HEADER_LIST_SIZE value that causes Netty to raise an exception when it later writes response headers. The advisory compares this issue to an HTTP/2 Rapid Reset attack; it can lead to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in Netty\u0027s HTTP/2 protocol handling is rated Moderate. A remote, unauthenticated attacker can trigger a denial of service by sending a crafted `SETTINGS_MAX_HEADER_LIST_SIZE` frame, causing an exception during response header processing. This can disrupt services utilizing Netty for HTTP/2 communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50560"
},
{
"category": "external",
"summary": "RHBZ#2488407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50560",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50560"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50560",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50560"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm",
"url": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9113.html#name-defined-settings",
"url": "https://www.rfc-editor.org/rfc/rfc9113.html#name-defined-settings"
}
],
"release_date": "2026-06-12T14:59:59.901000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:45:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling"
}
]
}
RHSA-2026:26018
Vulnerability from csaf_redhat - Published: 2026-06-17 16:18 - Updated: 2026-07-04 11:22

A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a Server Name Indication (SNI) extension that contains a wildcard server name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-handler, a component of the Netty network application framework. An incorrect masking operation in the IpSubnetFilterRule.compareTo() function causes IPv6 addresses to be compared incorrectly against configured subnet rules, so a remote attacker connecting from a public IPv6 address can bypass the rule and circumvent the intended network restrictions, potentially leading to unauthorized access or exposure of services. Deployments that use IpSubnetFilterRule as a network-level allow/deny control for IPv6 peers should not rely on it until the fix is applied.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. The `SslClientHelloHandler.decode()` method eagerly allocates a buffer sized from the TLS handshake length declared in the attacker-supplied ClientHello, so a large declared length can cause excessive memory consumption and a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's DNS resolver component. The resolver uses a predictable pseudo-random number generator (PRNG) for DNS transaction IDs and sends queries from a static User Datagram Protocol (UDP) source port. Because the transaction ID and the source port are the only values an off-path attacker has to guess to forge a reply to an unauthenticated UDP DNS query, this combination significantly reduces the randomness of DNS queries and makes DNS cache poisoning (a Kaminsky-style attack) much easier for a remote attacker. Successful exploitation could allow an attacker to redirect network traffic to malicious servers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by opening a large number of HTTP/2 streams on a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams (the limit a server advertises to its peers via the SETTINGS_MAX_CONCURRENT_STREAMS setting), each stream allocates a long-lived stream object, and the accumulated resource consumption can result in a denial of service (DoS), making the server unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty's `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary confusion in systems that use pipelined or multiplexed transports. An attacker could exploit this to cause a front-end component to misinterpret HTTP request boundaries, potentially resulting in low integrity impact, such as unintended data manipulation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 (Hypertext Transfer Protocol version 2) maximum header size handling. By sending a specific SETTINGS_MAX_HEADER_LIST_SIZE setting, an attacker can cause Netty to produce an exception when writing response headers. This issue is similar to an HTTP/2 Rapid Reset attack and can lead to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat build of Quarkus 3.27.4.SP1
Red Hat / Red Hat build of Quarkus
|
cpe:/a:redhat:quarkus:3.27::el8
|
— |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat build of Quarkus 3.27.4.SP1 includes the following CVE fixes:\n\n* quarkus-vertx-http: Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities [quarkus-3.27] (CVE-2026-50559)\n\n* vertx-core: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name [quarkus-3.27] (CVE-2026-6860)\n\n* netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation [quarkus-3.27] (CVE-2026-44249)\n\n* netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message [quarkus-3.27] (CVE-2026-44893)\n\n* netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak [quarkus-3.27] (CVE-2026-48043)\n\n* netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers [quarkus-3.27] (CVE-2026-48059)\n\n* netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records [quarkus-3.27] (CVE-2026-47691)\n\n* netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass [quarkus-3.27] (CVE-2026-50010)\n\n* netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation [quarkus-3.27] (CVE-2026-45674)\n\n* netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake [quarkus-3.27] (CVE-2026-45416)\n\n* netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling [quarkus-3.27] (CVE-2026-50560)\n\n* netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams [quarkus-3.27] (CVE-2026-47244)\n\n* netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder [quarkus-3.27] (CVE-2026-50020)\n\n* netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs [quarkus-3.27] (CVE-2026-45673)\n\nFor more information, see the release notes page listed in the 
References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26018",
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/quarkus/",
"url": "https://access.redhat.com/products/quarkus/"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.4.SP1",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.4.SP1"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27",
"url": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27"
},
{
"category": "external",
"summary": "2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "QUARKUS-7954",
"url": "https://issues.redhat.com/browse/QUARKUS-7954"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26018.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Quarkus 3.27.4.SP1 security update",
"tracking": {
"current_release_date": "2026-07-04T11:22:23+00:00",
"generator": {
"date": "2026-07-04T11:22:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26018",
"initial_release_date": "2026-06-17T16:18:16+00:00",
"revision_history": [
{
"date": "2026-06-17T16:18:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-17T16:18:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T11:22:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat build of Quarkus 3.27.4.SP1",
"product": {
"name": "Red Hat build of Quarkus 3.27.4.SP1",
"product_id": "Red Hat build of Quarkus 3.27.4.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quarkus:3.27::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat build of Quarkus"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-6860",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-06T10:01:43.929832+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466990"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a Server Name Indication (SNI) extension that contains a wildcard server name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vertx-core: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Moderate because a remote attacker can trigger a denial of service in Red Hat products that use `eclipse-vertx/vert.x` and are configured with TLS wildcard server names. Exploitation occurs during the TLS handshake, impacting service availability without affecting data confidentiality or integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6860"
},
{
"category": "external",
"summary": "RHBZ#2466990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466990"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/6102",
"url": "https://github.com/eclipse-vertx/vert.x/pull/6102"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6",
"url": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381",
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381"
}
],
"release_date": "2026-05-06T09:55:12.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name"
},
{
"cve": "CVE-2026-44249",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-06-11T22:02:05.327173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "RHBZ#2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
}
],
"release_date": "2026-06-11T20:46:14.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
},
{
"cve": "CVE-2026-44893",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-06-12T15:01:18.066312+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because a remote, unauthenticated attacker can trigger a denial of service in applications utilizing `netty-codec-haproxy`. By sending a specially crafted HAProxy message with a malformed SSL TLV header, an attacker can cause an `IndexOutOfBoundsException`, leading to unreleased memory and resource exhaustion. This can render the affected application unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "RHBZ#2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
}
],
"release_date": "2026-06-12T14:00:25.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
},
{
"cve": "CVE-2026-45416",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:01:45.671884+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488391"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Netty is rated as Important. It allows a remote attacker to trigger a denial of service by sending a specially crafted TLS ClientHello message. The flaw arises from an eager, unbounded memory allocation during the TLS handshake, particularly when default configurations disable the maximum client hello length guard, leading to excessive resource consumption in affected Red Hat products utilizing Netty.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "RHBZ#2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
}
],
"release_date": "2026-06-12T14:10:05.585000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure applications utilizing Netty\u0027s `SslClientHelloHandler` to specify a non-zero value for the `maxClientHelloLength` parameter. This will enable the internal length validation, preventing the eager allocation of large memory buffers when processing crafted TLS ClientHello messages. Refer to your specific application\u0027s documentation for details on configuring Netty\u0027s TLS handler. A restart of the affected application or service is required for the configuration changes to take effect.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake"
},
{
"cve": "CVE-2026-45673",
"cwe": {
"id": "CWE-1241",
"name": "Use of Predictable Algorithm in Random Number Generator"
},
"discovery_date": "2026-06-12T15:01:28.171757+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488386"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator (PRNG) for DNS transaction IDs and a static User Datagram Protocol (UDP) source port. This combination significantly reduces the randomness of DNS queries, making it easier for a remote attacker to perform DNS Cache Poisoning, also known as a Kaminsky attack. Successful exploitation could allow an attacker to redirect network traffic to malicious servers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate: This flaw in Netty\u0027s DNS resolver could allow a remote attacker to perform DNS cache poisoning. The vulnerability stems from the use of a predictable pseudo-random number generator for DNS transaction IDs and a static UDP source port, which reduces the entropy of DNS queries. This makes it easier for an attacker to redirect network traffic to malicious servers, potentially leading to traffic interception or Man-in-the-Middle attacks for applications using the default Netty DNS resolver in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45673"
},
{
"category": "external",
"summary": "RHBZ#2488386",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488386"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45673"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78"
}
],
"release_date": "2026-06-12T14:16:03.968000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs"
},
{
"cve": "CVE-2026-45674",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T15:02:15.565158+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488400"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important severity flaw in Netty\u0027s DnsResolveContext allows a remote attacker to achieve information disclosure or data manipulation. By crafting malicious DNS responses, an attacker could redirect network traffic or intercept sensitive data, impacting applications utilizing Netty for DNS resolution in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "RHBZ#2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
}
],
"release_date": "2026-06-12T14:17:50.203000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation"
},
{
"cve": "CVE-2026-47244",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:02:11.516632+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488399"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a large number of HTTP/2 stream requests to a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams, it can lead to the allocation of numerous long-lived stream objects. This excessive resource consumption can result in a denial of service (DoS), making the server unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate impact flaw in Netty\u0027s HTTP/2 implementation can lead to a denial of service in Red Hat products that utilize Netty as an HTTP/2 server without explicitly configured limits on concurrent streams. An attacker can exhaust server resources by initiating numerous HTTP/2 stream requests, rendering the service unavailable. The impact is limited to denial of service and requires a specific server configuration to be exploitable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47244"
},
{
"category": "external",
"summary": "RHBZ#2488399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47244",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47244"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47244",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47244"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q"
}
],
"release_date": "2026-06-12T14:23:50.316000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Configure affected applications using Netty HTTP/2 servers to explicitly set a maximum concurrent streams limit. Consult product-specific documentation for instructions on how to apply this configuration. Additionally, restrict network access to affected services to trusted clients and networks by implementing firewall rules or other network access controls. This may impact legitimate traffic if not carefully configured.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams"
},
{
"cve": "CVE-2026-47691",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T16:02:45.855856+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488439"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Netty\u0027s DNS resolution component, `netty-resolver-dns`, allows for DNS cache poisoning. An attacker with control over an authoritative name server for a subdomain could exploit this vulnerability to inject malicious DNS records into the cache of parent domains. This could lead to redirection of network traffic, impacting the integrity and availability of services relying on DNS resolution within affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "RHBZ#2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
}
],
"release_date": "2026-06-12T14:33:16.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records"
},
{
"cve": "CVE-2026-48043",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:56.371830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in netty-codec-http2, affecting Red Hat products that utilize HTTP/2 communication with decompression. A remote attacker can exploit a resource leak in the `DelegatingDecompressorFrameListener` by sending malformed HTTP/2 frames, potentially leading to an Out Of Memory Error and causing the Java Virtual Machine to terminate. This could disrupt service availability in affected deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "RHBZ#2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
}
],
"release_date": "2026-06-12T14:39:52.498000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
},
{
"cve": "CVE-2026-48059",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-06-12T16:02:40.032749+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Netty HAProxy PROXY protocol v2 codec, which can lead to a denial of service. A remote attacker can trigger a memory leak by sending a specially crafted HAProxy PROXY protocol v2 header with deeply nested SSL TLV records, causing resource exhaustion in affected Red Hat products that utilize this codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "RHBZ#2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
}
],
"release_date": "2026-06-12T14:42:44.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
},
{
"cve": "CVE-2026-50010",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-06-12T16:02:13.735675+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Netty that affects Red Hat products utilizing the `netty-handler` component, including various Red Hat AMQ, Enterprise Application Platform, and OpenShift offerings. The vulnerability arises when a Netty client is configured with a plain X.509 Trust Manager, leading to a bypass of hostname verification. This oversight allows a remote attacker to perform man-in-the-middle attacks by impersonating a legitimate server, potentially compromising sensitive data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "RHBZ#2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
}
],
"release_date": "2026-06-12T14:50:43.151000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass"
},
{
"cve": "CVE-2026-50020",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-06-12T16:01:51.804290+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488421"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary confusion in systems that use pipelined or multiplexed transports. An attacker could exploit this to cause a front-end component to misinterpret HTTP request boundaries, potentially resulting in low integrity impact, such as unintended data manipulation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate flaw in Netty\u0027s HttpObjectDecoder could lead to data manipulation in Red Hat products utilizing pipelined or multiplexed HTTP transports. The vulnerability arises from the decoder\u0027s over-permissive handling of control characters and whitespace, which can cause front-end components to misinterpret HTTP request boundaries. Exploitation requires a specific network configuration where front-end and back-end components process HTTP requests inconsistently, limiting the immediate impact on default installations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50020"
},
{
"category": "external",
"summary": "RHBZ#2488421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488421"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50020"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50020",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50020"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c",
"url": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c"
}
],
"release_date": "2026-06-12T14:55:32.165000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder"
},
{
"cve": "CVE-2026-50559",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-06-09T10:55:32.426000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2486959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Quarkus where HTTP path-based authorization policies can be bypassed by a remote attacker. Specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes can circumvent security controls, allowing unauthorized access to protected static resources and leading to information disclosure. This is critical in deployments where Quarkus applications serve sensitive static content and rely solely on path-based authorization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "RHBZ#2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50559",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v"
}
],
"release_date": "2026-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters"
},
{
"cve": "CVE-2026-50560",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T16:00:59.240952+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 (Hypertext Transfer Protocol version 2) maximum header size handling. By sending a specific SETTINGS_MAX_HEADER_LIST_SIZE setting, an attacker can cause Netty to produce an exception when writing response headers. This issue is similar to an HTTP/2 Rapid Reset attack and can lead to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in Netty\u0027s HTTP/2 protocol handling is rated Moderate. A remote, unauthenticated attacker can trigger a denial of service by sending a crafted `SETTINGS_MAX_HEADER_LIST_SIZE` frame, causing an exception during response header processing. This can disrupt services utilizing Netty for HTTP/2 communication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50560"
},
{
"category": "external",
"summary": "RHBZ#2488407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50560",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50560"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50560",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50560"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm",
"url": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9113.html#name-defined-settings",
"url": "https://www.rfc-editor.org/rfc/rfc9113.html#name-defined-settings"
}
],
"release_date": "2026-06-12T14:59:59.901000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T16:18:16+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat build of Quarkus 3.27.4.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling"
}
]
}
RHSA-2026:26586
Vulnerability from csaf_redhat - Published: 2026-06-17 23:05 - Updated: 2026-07-04 11:22

A flaw was found in Apache Thrift. This vulnerability involves a Memory Allocation with Excessive Size Value, which could allow an attacker to trigger resource exhaustion. By providing an overly large size value during memory allocation, an attacker can cause the affected system to become unresponsive, leading to a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in Netty's `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1 (Red Hat / Red Hat Build of Apache Camel) | cpe:/a:redhat:apache_camel_quarkus:3.33 | — | Vendor Fix, fix, Workaround |
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.33
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.33
|
— |
Vendor Fix
fix
Workaround
|
A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1
Red Hat / Red Hat Build of Apache Camel
|
cpe:/a:redhat:apache_camel_quarkus:3.33
|
— |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update for Red Hat build of Apache Camel 4.18 for Quarkus 3.33 is now available.\n\nThis text-only erratum provides information about enhancements that improve your developer experience and ensure the security and stability of your applications.\n\nRed Hat Product Security has rated this update as having a security impact of Important.",
"title": "Topic"
},
{
"category": "general",
"text": "A security update for Red Hat build of Apache Camel 4.18 for Quarkus 3.33 is now available and includes the following CVE fixes:\n\n* netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake [rhboac-camel-quarkus-3] (CVE-2026-45416)\n* netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation [rhboac-camel-quarkus-3] (CVE-2026-45674)\n* netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass [rhboac-camel-quarkus-3] (CVE-2026-50010)\n* netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records [rhboac-camel-quarkus-3] (CVE-2026-47691)\n* netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers [rhboac-camel-quarkus-3] (CVE-2026-48059)\n* netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak [rhboac-camel-quarkus-3] (CVE-2026-48043)\n* netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message [rhboac-camel-quarkus-3] (CVE-2026-44893)\n* netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation [rhboac-camel-quarkus-3] (CVE-2026-44249)\n* quarkus-vertx-http: Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities [rhboac-camel-quarkus-3] (CVE-2026-50559)\n* libthrift: Apache Thrift: Denial of Service via excessive memory allocation [rhboac-camel-quarkus-3] (CVE-2026-43868)\n* libthrift: Apache Thrift: Security bypass due to improper certificate validation [rhboac-camel-quarkus-3] (CVE-2026-43869)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26586",
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-45416",
"url": "https://access.redhat.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-45674",
"url": "https://access.redhat.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-50010",
"url": "https://access.redhat.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-47691",
"url": "https://access.redhat.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48059",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-48043",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44893",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-44249",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-50559",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-43868",
"url": "https://access.redhat.com/security/cve/CVE-2026-43868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-43869",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "2466670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466670"
},
{
"category": "external",
"summary": "2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26586.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Apache Camel 4.18 for Quarkus 3.33 security update",
"tracking": {
"current_release_date": "2026-07-04T11:22:21+00:00",
"generator": {
"date": "2026-07-04T11:22:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26586",
"initial_release_date": "2026-06-17T23:05:24+00:00",
"revision_history": [
{
"date": "2026-06-17T23:05:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-17T23:05:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T11:22:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1",
"product": {
"name": "Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1",
"product_id": "Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:apache_camel_quarkus:3.33"
}
}
}
],
"category": "product_family",
"name": "Red Hat Build of Apache Camel"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-43868",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2026-05-05T09:00:59.745740+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466670"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves a Memory Allocation with Excessive Size Value, which could allow an attacker to trigger resource exhaustion. By providing an overly large size value during memory allocation, an attacker can cause the affected system to become unresponsive, leading to a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Denial of Service via excessive memory allocation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43868"
},
{
"category": "external",
"summary": "RHBZ#2466670",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466670"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43868",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43868"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/zj76dtwnbbs1m7z3focf4wd51pqpsmn9",
"url": "https://lists.apache.org/thread/zj76dtwnbbs1m7z3focf4wd51pqpsmn9"
}
],
"release_date": "2026-05-05T07:49:47.754000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Denial of Service via excessive memory allocation"
},
{
"cve": "CVE-2026-43869",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-05-05T08:00:56.417384+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466660"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This could lead to a security bypass, potentially enabling unauthorized access or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43869"
},
{
"category": "external",
"summary": "RHBZ#2466660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466660"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43869"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r",
"url": "https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r"
}
],
"release_date": "2026-05-05T07:25:48.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation"
},
{
"cve": "CVE-2026-44249",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-06-11T22:02:05.327173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "RHBZ#2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
}
],
"release_date": "2026-06-11T20:46:14.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
},
{
"cve": "CVE-2026-44893",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-06-12T15:01:18.066312+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because a remote, unauthenticated attacker can trigger a denial of service in applications utilizing `netty-codec-haproxy`. By sending a specially crafted HAProxy message with a malformed SSL TLV header, an attacker can cause an `IndexOutOfBoundsException`, leading to unreleased memory and resource exhaustion. This can render the affected application unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "RHBZ#2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
}
],
"release_date": "2026-06-12T14:00:25.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
},
{
"cve": "CVE-2026-45416",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:01:45.671884+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488391"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Netty is rated as Important. It allows a remote attacker to trigger a denial of service by sending a specially crafted TLS ClientHello message. The flaw arises from an eager, unbounded memory allocation during the TLS handshake, particularly when default configurations disable the maximum client hello length guard, leading to excessive resource consumption in affected Red Hat products utilizing Netty.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "RHBZ#2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
}
],
"release_date": "2026-06-12T14:10:05.585000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure applications utilizing Netty\u0027s `SslClientHelloHandler` to specify a non-zero value for the `maxClientHelloLength` parameter. This will enable the internal length validation, preventing the eager allocation of large memory buffers when processing crafted TLS ClientHello messages. Refer to your specific application\u0027s documentation for details on configuring Netty\u0027s TLS handler. A restart of the affected application or service is required for the configuration changes to take effect.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake"
},
{
"cve": "CVE-2026-45674",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T15:02:15.565158+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488400"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important severity flaw in Netty\u0027s DnsResolveContext allows a remote attacker to achieve information disclosure or data manipulation. By crafting malicious DNS responses, an attacker could redirect network traffic or intercept sensitive data, impacting applications utilizing Netty for DNS resolution in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "RHBZ#2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
}
],
"release_date": "2026-06-12T14:17:50.203000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation"
},
{
"cve": "CVE-2026-47691",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T16:02:45.855856+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488439"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Netty\u0027s DNS resolution component, `netty-resolver-dns`, allows for DNS cache poisoning. An attacker with control over an authoritative name server for a subdomain could exploit this vulnerability to inject malicious DNS records into the cache of parent domains. This could lead to redirection of network traffic, impacting the integrity and availability of services relying on DNS resolution within affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "RHBZ#2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
}
],
"release_date": "2026-06-12T14:33:16.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records"
},
{
"cve": "CVE-2026-48043",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:56.371830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in netty-codec-http2, affecting Red Hat products that utilize HTTP/2 communication with decompression. A remote attacker can exploit a resource leak in the `DelegatingDecompressorFrameListener` by sending malformed HTTP/2 frames, potentially leading to an Out Of Memory Error and causing the Java Virtual Machine to terminate. This could disrupt service availability in affected deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "RHBZ#2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
}
],
"release_date": "2026-06-12T14:39:52.498000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
},
{
"cve": "CVE-2026-48059",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-06-12T16:02:40.032749+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Netty HAProxy PROXY protocol v2 codec, which can lead to a denial of service. A remote attacker can trigger a memory leak by sending a specially crafted HAProxy PROXY protocol v2 header with deeply nested SSL TLV records, causing resource exhaustion in affected Red Hat products that utilize this codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "RHBZ#2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
}
],
"release_date": "2026-06-12T14:42:44.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
},
{
"cve": "CVE-2026-50010",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-06-12T16:02:13.735675+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Netty that affects Red Hat products utilizing the `netty-handler` component, including various Red Hat AMQ, Enterprise Application Platform, and OpenShift offerings. The vulnerability arises when a Netty client is configured with a plain X.509 Trust Manager, leading to a bypass of hostname verification. This oversight allows a remote attacker to perform man-in-the-middle attacks by impersonating a legitimate server, potentially compromising sensitive data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "RHBZ#2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
}
],
"release_date": "2026-06-12T14:50:43.151000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass"
},
{
"cve": "CVE-2026-50559",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-06-09T10:55:32.426000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2486959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Quarkus where HTTP path-based authorization policies can be bypassed by a remote attacker. Specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes can circumvent security controls, allowing unauthorized access to protected static resources and leading to information disclosure. This is critical in deployments where Quarkus applications serve sensitive static content and rely solely on path-based authorization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "RHBZ#2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50559",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v"
}
],
"release_date": "2026-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T23:05:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters"
}
]
}
RHSA-2026:34608
Vulnerability from csaf_redhat - Published: 2026-07-02 00:03 - Updated: 2026-07-04 11:22

A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix |
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix |
A flaw was found in Apache ZooKeeper. The ZKTrustManager component's hostname verification process can fall back to reverse DNS (PTR) lookup when IP Subject Alternative Name (SAN) validation fails. This vulnerability allows an attacker who can control or spoof PTR records to impersonate ZooKeeper servers or clients, provided they possess a valid certificate for the PTR name. This could lead to unauthorized access or manipulation of ZooKeeper services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw was found in Apache ZooKeeper. Improper handling of configuration values in ZKConfig allows an attacker to expose sensitive information. This occurs when sensitive client configuration values are logged at an INFO level in the client's logfile. This vulnerability can lead to information disclosure, potentially revealing critical system details to unauthorized parties.
CWE-117 - Improper Output Neutralization for Logs

| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix; Workaround |
A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server's lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; fix |
A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML output becomes invalid. This can lead to two main issues: either systems processing these logs will fail to read the affected records, or the logging process itself will stop delivering events, both resulting in a denial of service for logging operations.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolons, also known as matrix parameters, in HTTP requests. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus's security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary code in the user's browser, leading to Cross-Site Scripting (XSS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution "Gadget" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted LZ4 compressed data stream. This can cause the Lz4FrameDecoder to allocate a large amount of memory (up to 32 MB per block) before the LZ4 decompression runs, leading to excessive memory consumption and a denial of service (DoS) for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Next.js. Applications utilizing the Pages Router with internationalization (i18n) configured and middleware or proxy-based authorization are susceptible to unauthorized access. A remote attacker can exploit this by making locale-less /_next/data/<buildId>/<page>.json requests, which bypass the intended authorization checks. This allows the attacker to retrieve sensitive server-side rendered (SSR) JSON data from protected pages, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted URLs, an attacker can access protected content without proper authorization. This could lead to unauthorized viewing of sensitive information or access to restricted features.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows access to protected content without proper authorization.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Netty's `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Streams for Apache Kafka 2.9.4 (Red Hat / Red Hat OpenShift Enterprise) | cpe:/a:redhat:amq_streams:2.9::el9 | — | Vendor Fix; Workaround |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Streams for Apache Kafka 2.9.4 is now available from the Red Hat Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed\nbackbone that allows microservices and other applications to share data with\nextremely high throughput and extremely low latency.\n\nThis release of Red Hat Streams for Apache Kafka 2.9.4 serves as a replacement for Red Hat Streams for Apache Kafka 2.9.3, and includes security and bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n * jose4j: Denial of Service via compressed JWE content (CVE-2024-29371)\n * cluster-operator: Cross-namespace privilege escalation via Kafka.spec.entityOperator.watchedNamespace in Strimzi (CVE-2026-55225)\n * netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions (CVE-2025-58056)\n * lodash: Arbitrary code execution via untrusted input in template imports (CVE-2026-4800)\n * React Server Components: Denial of Service via specially crafted HTTP requests (CVE-2026-23864)\n * Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing (CVE-2026-24281)\n * netty-codec-http: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values (CVE-2026-33870)\n * netty-codec-http2: Denial of Service via HTTP/2 CONTINUATION frame flood (CVE-2026-33871)\n * log4j-core: Invalid XML output causes denial of service in logging (CVE-2026-34480)\n * quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests (CVE-2026-39852)\n * netty-codec: Denial of Service via excessive memory allocation in LZ4FrameDecoder (CVE-2026-42583)\n * netty-codec-http2: Denial of Service via unbounded memory allocation in HTTP content decompression (CVE-2026-42587)\n * netty-handler: IPv6 subnet rule bypass due to incorrect masking operation (CVE-2026-44249)\n * Next.js: Information disclosure due to middleware bypass in Pages Router with i18n (CVE-2026-44573)\n * Next.js: Authorization bypass via crafted query parameters (CVE-2026-44574)\n * Next.js: Unauthorized 
access to protected content via middleware bypass (CVE-2026-44575)\n * Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests (CVE-2026-44578)\n * Next.js: Denial of Service via crafted POST requests to server actions (CVE-2026-44579)\n * netty-codec-haproxy: Denial of Service via malformed HAProxy message (CVE-2026-44893)\n * Next.js: Information disclosure via security fix bypass in middleware with Turbopack (CVE-2026-45109)\n * netty-handler: Denial of Service via eager buffer allocation in TLS handshake (CVE-2026-45416)\n * netty-resolver-dns: Information disclosure and data manipulation due to improper CNAME record validation (CVE-2026-45674)\n * netty-resolver-dns: Insufficient Bailiwick Validation for NS Records (CVE-2026-47691)\n * netty-codec-http2: Denial of Service due to resource leak (CVE-2026-48043)\n * netty-codec-haproxy: Denial of Service via memory leak from crafted PROXY protocol headers (CVE-2026-48059)\n * netty-handler: Improper trust manager handling leads to hostname verification bypass (CVE-2026-50010)\n * quarkus-vertx-http: Authorization bypass in HTTP path-based policies via encoded characters (CVE-2026-50559)\n * lodash: Prototype pollution in _.unset and _.omit functions (CVE-2025-13465)\n * vertx-core: Static handler component cache can be manipulated to deny access to static files (CVE-2026-1002)\n * vertx-core: Denial of Service via TLS handshake with wildcard server name (CVE-2026-6860)\n * Apache ZooKeeper: Information disclosure via improper handling of configuration values (CVE-2026-24308)\n * Next.js: Unbounded next/image disk cache growth can exhaust storage (CVE-2026-27980)\n * DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization (CVE-2026-41240)\n * axios: Invisible JSON Response Tampering via Prototype Pollution Gadget (CVE-2026-42044)\n * Next.js: Denial of Service via Image Optimization API (CVE-2026-44577)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:34608",
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "2445449",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445449"
},
{
"category": "external",
"summary": "2445451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445451"
},
{
"category": "external",
"summary": "2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "2457328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457328"
},
{
"category": "external",
"summary": "2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "2466990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466990"
},
{
"category": "external",
"summary": "2477187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477187"
},
{
"category": "external",
"summary": "2477188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477188"
},
{
"category": "external",
"summary": "2477190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477190"
},
{
"category": "external",
"summary": "2477193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477193"
},
{
"category": "external",
"summary": "2477194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477194"
},
{
"category": "external",
"summary": "2477199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477199"
},
{
"category": "external",
"summary": "2477207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477207"
},
{
"category": "external",
"summary": "2477219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477219"
},
{
"category": "external",
"summary": "2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34608.json"
}
],
"title": "Red Hat Security Advisory: Streams for Apache Kafka 2.9.4 release and security update",
"tracking": {
"current_release_date": "2026-07-04T11:22:42+00:00",
"generator": {
"date": "2026-07-04T11:22:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:34608",
"initial_release_date": "2026-07-02T00:03:15+00:00",
"revision_history": [
{
"date": "2026-07-02T00:03:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-07-02T00:03:15+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-04T11:22:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Streams for Apache Kafka 2.9.4",
"product": {
"name": "Streams for Apache Kafka 2.9.4",
"product_id": "Streams for Apache Kafka 2.9.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:amq_streams:2.9::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-29371",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-17T16:01:18.173727+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jose4j. A remote attacker can exploit this by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high compression ratio. When this token is processed by the server, it results in significant memory allocation and processing time during decompression. This can lead to a Denial of Service, making the service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important as it can lead to a Denial of Service in applications that process untrusted JSON Web Encryption tokens. An attacker can craft a malicious JWE token with an exceptionally high compression ratio, causing excessive memory allocation and processing time during decompression in affected components like jose4j. This affects products such as Red Hat AMQ, Enterprise Application Platform (EAP 8.0.z, 8.1.z), Red Hat JBoss Fuse, JBoss Data Grid, OpenShift Developer Tools \u0026 Services, Red Hat build of Apache Camel, Red Hat Integration, Red Hat OpenShift Dev Spaces, Red Hat Process Automation Manager, Red Hat Single Sign-On (RH-SSO), Insights, cloud.redhat.com, and OpenShift Serverless.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29371"
},
{
"category": "external",
"summary": "RHBZ#2423194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29371"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29371"
},
{
"category": "external",
"summary": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack",
"url": "https://bitbucket.org/b_c/jose4j/issues/220/vuln-zip-bomb-attack"
}
],
"release_date": "2025-12-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jose4j: Denial of Service via malicious JSON Web Encryption (JWE) token compression"
},
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. For this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-58056",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-09-03T21:01:22.935850+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in Netty\u2019s HTTP/1.1 chunked encoding parser allows newline (LF) characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same input differently, potentially enabling HTTP request smuggling attacks such as bypassing access controls or corrupting responses.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is considered Moderate rather than Important because successful exploitation depends on a very specific deployment condition: the presence of an intermediary reverse proxy that both mishandles lone LF characters in chunk extensions and forwards them unmodified to Netty. By itself, Netty\u2019s parsing quirk does not introduce risk, and in most real-world environments, reverse proxies normalize or reject malformed chunked requests, preventing smuggling. As a result, the vulnerability has limited reach, requires a niche configuration to be exploitable, and does not universally expose Netty-based servers to request smuggling\u2014hence it is rated moderate in severity rather than important or critical.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58056"
},
{
"category": "external",
"summary": "RHBZ#2392996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58056"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding",
"url": "https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"
},
{
"category": "external",
"summary": "https://github.com/JLLeitschuh/unCVEed/issues/1",
"url": "https://github.com/JLLeitschuh/unCVEed/issues/1"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284",
"url": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/issues/15522",
"url": "https://github.com/netty/netty/issues/15522"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/pull/15611",
"url": "https://github.com/netty/netty/pull/15611"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49",
"url": "https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
}
],
"release_date": "2025-09-03T20:56:50.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, enforce strict RFC compliance on all front-end proxies and load balancers so that lone LF characters in chunk extensions are rejected or normalized before being forwarded. Additionally, configure input validation at the application or proxy layer to block malformed chunked requests, ensuring consistent parsing across all components in the request path.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"
},
{
"cve": "CVE-2026-1002",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-01-15T21:03:20.088599+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430180"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Vert.x. Using specifically crafted request URIs, the Web static handler component cache can be manipulated to deny access to static files served by the handler, so that legitimate users receive an HTTP 404 response instead of the static file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability allows a remote attacker to block access to specific static files, such as images, CSS or HTML files. However, the underlying Vert.x server, the API endpoints and other non-cached resources are not affected. For this reason, this issue has been rated as moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1002"
},
{
"category": "external",
"summary": "RHBZ#2430180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1002",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1002"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1002"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/5895",
"url": "https://github.com/eclipse-vertx/vert.x/pull/5895"
}
],
"release_date": "2026-01-15T20:50:25.642000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, consider disabling the static handler cache by configuring the StaticHandler instance with setCachingEnabled(false), for example:\n\n~~~\nStaticHandler staticHandler = StaticHandler.create().setCachingEnabled(false);\n~~~",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-6860",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-06T10:01:43.929832+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466990"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Moderate because a remote attacker can trigger a denial of service in Red Hat products that use `eclipse-vertx/vert.x` and are configured with TLS wildcard server names. Exploitation occurs during the TLS handshake, impacting service availability without affecting data confidentiality or integrity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-6860"
},
{
"category": "external",
"summary": "RHBZ#2466990",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466990"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-6860",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-6860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/pull/6102",
"url": "https://github.com/eclipse-vertx/vert.x/pull/6102"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6",
"url": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381",
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381"
}
],
"release_date": "2026-05-06T09:55:12.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name"
},
{
"cve": "CVE-2026-23864",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-01-26T20:01:54.396535+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2433059"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in React Server Components. A remote attacker can exploit this vulnerability by sending specially crafted HTTP requests to Server Function endpoints. This can lead to a Denial of Service (DoS), causing server crashes, out-of-memory exceptions, or excessive CPU usage, thereby impacting the availability of applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "react-server-dom-webpack: react-server-dom-parcel: react-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23864"
},
{
"category": "external",
"summary": "RHBZ#2433059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23864",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23864"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23864"
},
{
"category": "external",
"summary": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg",
"url": "https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg"
},
{
"category": "external",
"summary": "https://www.facebook.com/security/advisories/cve-2026-23864",
"url": "https://www.facebook.com/security/advisories/cve-2026-23864"
}
],
"release_date": "2026-01-26T19:16:38.250000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "react-server-dom-webpack: react-server-dom-parcel: react-server-dom-turbopack: React Server Components: Denial of Service via specially crafted HTTP requests"
},
{
"cve": "CVE-2026-24281",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-07T09:00:57.868082+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445449"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache ZooKeeper. The ZKTrustManager component\u0027s hostname verification process can fall back to reverse DNS (PTR) lookup when IP Subject Alternative Name (SAN) validation fails. This vulnerability allows an attacker who can control or spoof PTR records to impersonate ZooKeeper servers or clients, provided they possess a valid certificate for the PTR name. This could lead to unauthorized access or manipulation of ZooKeeper services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24281"
},
{
"category": "external",
"summary": "RHBZ#2445449",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445449"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24281"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/088ddsbrzhd5lxzbqf5n24yg0mwh9jt2",
"url": "https://lists.apache.org/thread/088ddsbrzhd5lxzbqf5n24yg0mwh9jt2"
}
],
"release_date": "2026-03-07T08:50:32.525000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable reverse DNS lookup in Apache ZooKeeper\u0027s client and quorum protocols. This can be achieved by configuring the `zookeeper.ssl.hostnameVerification.disableReverseDns` property to `true`. This configuration option is available in Apache ZooKeeper versions 3.8.6 and 3.9.5 and later. A restart of the ZooKeeper service will be required for the change to take effect.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing"
},
{
"cve": "CVE-2026-24308",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2026-03-07T09:01:03.859129+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445451"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache ZooKeeper. Improper handling of configuration values in ZKConfig allows an attacker to expose sensitive information. This occurs when sensitive client configuration values are logged at an INFO level in the client\u0027s logfile. This vulnerability can lead to information disclosure, potentially revealing critical system details to unauthorized parties.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24308"
},
{
"category": "external",
"summary": "RHBZ#2445451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24308"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24308",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24308"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/qng3rtzv2pqkmko4rhv85jfplkyrgqdr",
"url": "https://lists.apache.org/thread/qng3rtzv2pqkmko4rhv85jfplkyrgqdr"
}
],
"release_date": "2026-03-07T08:51:17.567000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values"
},
{
"cve": "CVE-2026-27980",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-18T01:01:36.393672+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448509"
}
],
"notes": [
{
"category": "description",
"text": "An unbounded disk usage flaw has been discovered in Next.js. The default Next.js image optimization disk cache (`/_next/image`) did not have a configurable upper bound, allowing unbounded cache growth. An attacker could generate many unique image-optimization variants and exhaust disk space, causing denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27980"
},
{
"category": "external",
"summary": "RHBZ#2448509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27980",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27980"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27980"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd",
"url": "https://github.com/vercel/next.js/commit/39eb8e0ac498b48855a0430fbf4c22276a73b4bd"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/releases/tag/v16.1.7",
"url": "https://github.com/vercel/next.js/releases/tag/v16.1.7"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-3x4c-7xq6-9pq8"
}
],
"release_date": "2026-03-18T00:23:34.862000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "next.js: Next.js: Unbounded next/image disk cache growth can exhaust storage"
},
{
"cve": "CVE-2026-33870",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-27T21:01:59.865839+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452453"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"category": "external",
"summary": "RHBZ#2452453",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33870"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33870"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
"url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/06/18/funky-chunks.html",
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
},
{
"category": "external",
"summary": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
"url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110",
"url": "https://www.rfc-editor.org/rfc/rfc9110"
}
],
"release_date": "2026-03-27T19:54:15.586000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values"
},
{
"cve": "CVE-2026-33871",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-27T21:02:13.396015+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452456"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of CONTINUATION frames. The server\u0027s lack of a limit on these frames, coupled with a bypass of size-based mitigations using zero-byte frames, allows an attacker to consume excessive CPU resources. This can render the server unresponsive with minimal bandwidth usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This important vulnerability in Netty HTTP/2 servers allows a remote attacker to cause a Denial of Service by sending a flood of CONTINUATION frames. This can lead to excessive CPU consumption and render the server unresponsive. Red Hat products utilizing affected Netty versions, such as Red Hat AMQ, Enterprise Application Platform, and OpenShift Container Platform components, are impacted if configured to use HTTP/2.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33871"
},
{
"category": "external",
"summary": "RHBZ#2452456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33871",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33871"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv"
}
],
"release_date": "2026-03-27T19:55:23.135000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood"
},
{
"cve": "CVE-2026-34480",
"cwe": {
"id": "CWE-168",
"name": "Improper Handling of Inconsistent Special Elements"
},
"discovery_date": "2026-04-10T16:02:17.024798+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457328"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML output becomes invalid. This can lead to two main issues: either systems processing these logs will fail to read the affected records, or the logging process itself will stop delivering events; either outcome results in a denial of service for logging operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in Apache Log4j Core\u0027s XmlLayout component can lead to a denial of service in logging operations when log messages contain characters forbidden by the XML 1.0 specification. Systems processing these logs may fail to read records or the logging process may cease event delivery, impacting monitoring and auditing capabilities in affected Red Hat products. Red Hat products in their default configurations will be able to automatically recover, but some log messages may be lost.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34480"
},
{
"category": "external",
"summary": "RHBZ#2457328",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457328"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34480"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34480",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34480"
},
{
"category": "external",
"summary": "https://github.com/apache/logging-log4j2/pull/4077",
"url": "https://github.com/apache/logging-log4j2/pull/4077"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread/5x0hcnng0chhghp6jgjdp3qmbbhfjzhb",
"url": "https://lists.apache.org/thread/5x0hcnng0chhghp6jgjdp3qmbbhfjzhb"
},
{
"category": "external",
"summary": "https://logging.apache.org/cyclonedx/vdr.xml",
"url": "https://logging.apache.org/cyclonedx/vdr.xml"
},
{
"category": "external",
"summary": "https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout",
"url": "https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout"
},
{
"category": "external",
"summary": "https://logging.apache.org/security.html#CVE-2026-34480",
"url": "https://logging.apache.org/security.html#CVE-2026-34480"
}
],
"release_date": "2026-04-10T15:42:03.843000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging"
},
{
"cve": "CVE-2026-39852",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-04-13T13:26:46.572000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457819"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in io.quarkus:quarkus-vertx-http. A remote attacker can exploit an authorization bypass vulnerability by including semicolon-delimited matrix parameters in HTTP request paths. This allows bypassing path-based HTTP security policies, enabling unauthorized access to protected endpoints. The vulnerability arises because Quarkus\u0027s security layer performs authorization checks on the raw URL path, which preserves these matrix parameters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39852"
},
{
"category": "external",
"summary": "RHBZ#2457819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457819"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39852"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39852"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-rc95-pcm8-65v9"
}
],
"release_date": "2026-05-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure a reverse proxy or load balancer in front of the Quarkus application to normalize incoming URL paths by stripping matrix parameters (semicolons) before requests reach the Quarkus security layer. This ensures that authorization checks are performed on the intended path. Ensure that any changes to proxy configurations are thoroughly tested and services are reloaded or restarted as necessary to apply the new settings.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus:quarkus-vertx-http: io.quarkus:quarkus-vertx-http: Authorization bypass via semicolons in HTTP requests"
},
{
"cve": "CVE-2026-41240",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-04-23T16:04:41.751666+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461147"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify, a DOM-only cross-site scripting sanitizer. A remote attacker could exploit an inconsistency in how forbidden tags and attributes are handled when function-based tag additions are used. This allows malicious HTML, MathML, or SVG elements to bypass sanitization and execute arbitrary code in the user\u0027s browser, leading to Cross-Site Scripting (XSS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-41240"
},
{
"category": "external",
"summary": "RHBZ#2461147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461147"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-41240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-41240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41240"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80",
"url": "https://github.com/cure53/DOMPurify/commit/c361baa18dbdcb3344a41110f4c48ad85bf48f80"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0",
"url": "https://github.com/cure53/DOMPurify/releases/tag/3.4.0"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-h7mw-gpvr-xq4m"
}
],
"release_date": "2026-04-23T14:54:32.426000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "DOMPurify: DOMPurify: Cross-Site Scripting (XSS) via inconsistent tag sanitization"
},
{
"cve": "CVE-2026-42044",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-24T19:01:13.418725+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461624"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a widely used HTTP client. This vulnerability, known as a Prototype Pollution \"Gadget\" attack, allows a remote attacker to subtly alter JSON API responses. By manipulating a specific function, an attacker can selectively modify data within these responses. This could lead to significant security breaches, including unauthorized privilege escalation, fraudulent balance manipulation, or bypassing critical authorization checks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42044"
},
{
"category": "external",
"summary": "RHBZ#2461624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42044"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42044"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3w6x-2g7m-8v23"
}
],
"release_date": "2026-04-24T17:49:49.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget"
},
{
"cve": "CVE-2026-42583",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:32.498598+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477219"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, an asynchronous, event-driven network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted LZ4 compressed data stream. This can cause the Lz4FrameDecoder to allocate a large amount of memory (up to 32 MB per block) before the LZ4 decompression runs, leading to excessive memory consumption and a denial of service (DoS) for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in Netty\u0027s Lz4FrameDecoder. The decoder allocates a buffer based on the decompressed length from the LZ4 frame header (up to 32 MB per block) before decompression runs. A remote attacker can send a small crafted LZ4 header (as few as 22 bytes) to force excessive memory allocation, leading to a denial of service. Red Hat products that use Netty with LZ4 compression enabled are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42583"
},
{
"category": "external",
"summary": "RHBZ#2477219",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477219"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42583",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42583"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42583"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6",
"url": "https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6"
}
],
"release_date": "2026-05-13T18:09:19.817000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder"
},
{
"cve": "CVE-2026-42587",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T19:01:35.415881+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477220"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty. A remote attacker can bypass the configured decompression limit in the HttpContentDecompressor by sending a specially crafted compressed payload using Brotli (br), Zstandard (zstd), or Snappy content encodings. This can lead to unbounded memory allocation, resulting in an out-of-memory Denial of Service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service vulnerability in Netty\u0027s HTTP content decompression. A remote attacker can exploit this flaw by sending specially crafted compressed payloads using Brotli, Zstandard, or Snappy encodings, bypassing configured decompression limits. This leads to unbounded memory allocation, potentially causing an out-of-memory condition and rendering affected Red Hat systems unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-42587"
},
{
"category": "external",
"summary": "RHBZ#2477220",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477220"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-42587",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-42587"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42587"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"
}
],
"release_date": "2026-05-13T18:22:21.699000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression"
},
{
"cve": "CVE-2026-44249",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-06-11T22:02:05.327173+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488081"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44249"
},
{
"category": "external",
"summary": "RHBZ#2488081",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
}
],
"release_date": "2026-06-11T20:46:14.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
},
{
"cve": "CVE-2026-44573",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:01:50.343509+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477199"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Applications utilizing the Pages Router with internationalization (i18n) configured and middleware or proxy-based authorization are susceptible to unauthorized access. A remote attacker can exploit this by making locale-less /_next/data/\u003cbuildId\u003e/\u003cpage\u003e.json requests, which bypass the intended authorization checks. This allows the attacker to retrieve sensitive server-side rendered (SSR) JSON data from protected pages, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Information disclosure due to middleware bypass in Pages Router with i18n",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44573"
},
{
"category": "external",
"summary": "RHBZ#2477199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44573",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44573"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44573",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44573"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-36qx-fr4f-26g5"
}
],
"release_date": "2026-05-13T16:48:16.218000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Information disclosure due to middleware bypass in Pages Router with i18n"
},
{
"cve": "CVE-2026-44574",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:02:21.088167+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477207"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. This vulnerability allows an attacker to bypass security checks in web applications that use Next.js middleware to protect specific web pages. By sending specially crafted web addresses, an attacker can access protected content without proper authorization. This could lead to unauthorized viewing of sensitive information or access to restricted features.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Authorization bypass via crafted query parameters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44574"
},
{
"category": "external",
"summary": "RHBZ#2477207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44574",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44574"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44574",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44574"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-492v-c6pp-mqqv"
}
],
"release_date": "2026-05-13T16:56:06.008000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Authorization bypass via crafted query parameters"
},
{
"cve": "CVE-2026-44575",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-05-13T18:01:17.168356+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477188"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. App Router applications that use middleware or proxy-based authorization checks are vulnerable to unauthorized access. A remote attacker can exploit this by crafting specific .rsc and segment-prefetch URLs, which bypass the intended middleware rules. This allows access to protected content without proper authorization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Unauthorized access to protected content via middleware bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44575"
},
{
"category": "external",
"summary": "RHBZ#2477188",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477188"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44575",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44575"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44575",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44575"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f"
}
],
"release_date": "2026-05-13T16:54:39.455000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Unauthorized access to protected content via middleware bypass"
},
{
"cve": "CVE-2026-44577",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-05-13T18:01:35.713847+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477194"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. When self-hosting Next.js with the default image loader, the Image Optimization API fetches local images entirely into memory without enforcing a maximum size limit. A remote attacker could exploit this by requesting large local assets from the /_next/image endpoint. This can lead to out-of-memory conditions, resulting in a Denial of Service (DoS) for the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Denial of Service via Image Optimization API",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44577"
},
{
"category": "external",
"summary": "RHBZ#2477194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44577",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44577"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44577",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44577"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-h64f-5h5j-jqjh"
}
],
"release_date": "2026-05-13T17:00:02.786000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Denial of Service via Image Optimization API"
},
{
"cve": "CVE-2026-44578",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2026-05-13T18:01:13.729805+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477187"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Self-hosted applications utilizing the built-in Node.js server are vulnerable to Server-Side Request Forgery (SSRF) through specially crafted WebSocket upgrade requests. A remote attacker can exploit this by causing the server to proxy requests to arbitrary internal or external destinations. This could lead to the exposure of internal services or sensitive cloud metadata endpoints.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44578"
},
{
"category": "external",
"summary": "RHBZ#2477187",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477187"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44578"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44578",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44578"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-c4j6-fc7j-m34r"
}
],
"release_date": "2026-05-13T17:01:38.942000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Next.js: Next.js: Server-Side Request Forgery via crafted WebSocket upgrade requests"
},
{
"cve": "CVE-2026-44579",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2026-05-13T18:01:32.406247+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open, consuming server resources and ultimately leading to a Denial of Service (DoS) for legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Denial of Service via crafted POST requests to server actions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44579"
},
{
"category": "external",
"summary": "RHBZ#2477193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44579"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-mg66-mrh9-m8jx"
}
],
"release_date": "2026-05-13T17:04:28.388000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Denial of Service via crafted POST requests to server actions"
},
{
"cve": "CVE-2026-44893",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2026-06-12T15:01:18.066312+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488383"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as Important because a remote, unauthenticated attacker can trigger a denial of service in applications utilizing `netty-codec-haproxy`. By sending a specially crafted HAProxy message with a malformed SSL TLV header, an attacker can cause an `IndexOutOfBoundsException`, leading to unreleased memory and resource exhaustion. This can render the affected application unresponsive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-44893"
},
{
"category": "external",
"summary": "RHBZ#2488383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
}
],
"release_date": "2026-06-12T14:00:25.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
},
{
"cve": "CVE-2026-45109",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2026-05-13T18:01:23.402405+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477190"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Next.js. A remote unauthenticated attacker could exploit a bypass in a security fix when using middleware.ts with Turbopack. This vulnerability could lead to the disclosure of sensitive information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45109"
},
{
"category": "external",
"summary": "RHBZ#2477190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45109",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45109"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45109",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45109"
},
{
"category": "external",
"summary": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6",
"url": "https://github.com/vercel/next.js/security/advisories/GHSA-26hh-7cqf-hhc6"
}
],
"release_date": "2026-05-13T17:11:07.275000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "next.js: Next.js: Information disclosure via security fix bypass in middleware with Turbopack"
},
{
"cve": "CVE-2026-45416",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-06-12T15:01:45.671884+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488391"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Netty is rated as Important. It allows a remote attacker to trigger a denial of service by sending a specially crafted TLS ClientHello message. The flaw arises from an eager, unbounded memory allocation during the TLS handshake, particularly when default configurations disable the maximum client hello length guard, leading to excessive resource consumption in affected Red Hat products utilizing Netty.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45416"
},
{
"category": "external",
"summary": "RHBZ#2488391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45416"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
}
],
"release_date": "2026-06-12T14:10:05.585000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "To mitigate this issue, configure applications utilizing Netty\u0027s `SslClientHelloHandler` to specify a non-zero value for the `maxClientHelloLength` parameter. This will enable the internal length validation, preventing the eager allocation of large memory buffers when processing crafted TLS ClientHello messages. Refer to your specific application\u0027s documentation for details on configuring Netty\u0027s TLS handler. A restart of the affected application or service is required for the configuration changes to take effect.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake"
},
{
"cve": "CVE-2026-45674",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T15:02:15.565158+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488400"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important severity flaw in Netty\u0027s DnsResolveContext allows a remote attacker to achieve information disclosure or data manipulation. By crafting malicious DNS responses, an attacker could redirect network traffic or intercept sensitive data, impacting applications utilizing Netty for DNS resolution in Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-45674"
},
{
"category": "external",
"summary": "RHBZ#2488400",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-45674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
}
],
"release_date": "2026-06-12T14:17:50.203000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation"
},
{
"cve": "CVE-2026-47691",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2026-06-12T16:02:45.855856+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488439"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty\u0027s `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in Netty\u0027s DNS resolution component, `netty-resolver-dns`, allows for DNS cache poisoning. An attacker with control over an authoritative name server for a subdomain could exploit this vulnerability to inject malicious DNS records into the cache of parent domains. This could lead to redirection of network traffic, impacting the integrity and availability of services relying on DNS resolution within affected Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-47691"
},
{
"category": "external",
"summary": "RHBZ#2488439",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-47691"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
}
],
"release_date": "2026-06-12T14:33:16.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records"
},
{
"cve": "CVE-2026-48043",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"discovery_date": "2026-06-12T16:02:56.371830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488442"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important denial of service flaw in netty-codec-http2, affecting Red Hat products that utilize HTTP/2 communication with decompression. A remote attacker can exploit a resource leak in the `DelegatingDecompressorFrameListener` by sending malformed HTTP/2 frames, potentially leading to an Out Of Memory Error and causing the Java Virtual Machine to terminate. This could disrupt service availability in affected deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48043"
},
{
"category": "external",
"summary": "RHBZ#2488442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
}
],
"release_date": "2026-06-12T14:39:52.498000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
},
{
"cve": "CVE-2026-48059",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-06-12T16:02:40.032749+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488437"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Netty HAProxy PROXY protocol v2 codec, which can lead to a denial of service. A remote attacker can trigger a memory leak by sending a specially crafted HAProxy PROXY protocol v2 header with deeply nested SSL TLV records, causing resource exhaustion in affected Red Hat products that utilize this codec.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-48059"
},
{
"category": "external",
"summary": "RHBZ#2488437",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
}
],
"release_date": "2026-06-12T14:42:44.677000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
},
{
"cve": "CVE-2026-50010",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-06-12T16:02:13.735675+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2488429"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Netty that affects Red Hat products utilizing the `netty-handler` component, including various Red Hat AMQ, Enterprise Application Platform, and OpenShift offerings. The vulnerability arises when a Netty client is configured with a plain X.509 Trust Manager, leading to a bypass of hostname verification. This oversight allows a remote attacker to perform man-in-the-middle attacks by impersonating a legitimate server, potentially compromising sensitive data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50010"
},
{
"category": "external",
"summary": "RHBZ#2488429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50010",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50010"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"category": "external",
"summary": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
}
],
"release_date": "2026-06-12T14:50:43.151000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass"
},
{
"cve": "CVE-2026-50559",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-06-09T10:55:32.426000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2486959"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in Quarkus where HTTP path-based authorization policies can be bypassed by a remote attacker. Specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes can circumvent security controls, allowing unauthorized access to protected static resources and leading to information disclosure. This is critical in deployments where Quarkus applications serve sensitive static content and rely solely on path-based authorization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Streams for Apache Kafka 2.9.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-50559"
},
{
"category": "external",
"summary": "RHBZ#2486959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-50559",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-50559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559"
},
{
"category": "external",
"summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v",
"url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v"
}
],
"release_date": "2026-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-07-02T00:03:15+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Streams for Apache Kafka 2.9.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters"
}
]
}
WID-SEC-W-2026-1814
Vulnerability from csaf_certbund - Published: 2026-06-07 22:00 - Updated: 2026-06-15 22:00
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Open Source Netty <4.1.135.Final | Open Source / Netty | <4.1.135.Final | |
| Open Source Netty <4.2.15.Final | Open Source / Netty | <4.2.15.Final | |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Netty ist ein asynchrones, ereignisgesteuertes Netzwerk-Anwendungs-Framework f\u00fcr die schnelle Entwicklung von wartbaren, hochleistungsf\u00e4higen Protokollservern und -clients.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Netty ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1814 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1814.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1814 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1814"
},
{
"category": "external",
"summary": "Netty Security Advisories vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-3244-j874-rhc2 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3244-j874-rhc2"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-4grm-h2qv-h6w6 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-4grm-h2qv-h6w6"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5pvg-856g-cp85 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5w86-c3rq-vjj7 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5w86-c3rq-vjj7"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5x3r-wrvg-rp6q vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5xrh-qmmq-w6ch vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5xrh-qmmq-w6ch"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-676x-f7gg-47vc vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-6ghj-frrj-jjj3 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6ghj-frrj-jjj3"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-6jv9-x5w9-2ccm vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6jv9-x5w9-2ccm"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-c2gf-v879-257j vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-c2rx-5r8w-8xr2 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2rx-5r8w-8xr2"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-c653-97m9-rcg9 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-cc37-9q2j-3hfv vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-cmm3-54f8-px4j vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cmm3-54f8-px4j"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-cq4q-cv5g-r8q5 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-h2qv-fj59-j46j vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-hvcg-qmg6-jm4c vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-w573-9ffj-6ff9 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w573-9ffj-6ff9"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-x4gw-5cx5-pgmh vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-xmv7-r254-6q78 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-3qp7-7mw8-wx86 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-563q-j3cm-6jxm vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm"
}
],
"source_lang": "en-US",
"title": "Netty: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-15T22:00:00.000+00:00",
"generator": {
"date": "2026-06-16T08:20:02.393+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1814",
"initial_release_date": "2026-06-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-08T22:00:00.000+00:00",
"number": "2",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2026-06-11T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-36327, EUVD-2026-36357, EUVD-2026-36356"
},
{
"date": "2026-06-14T22:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: EUVD-2026-36432, EUVD-2026-36450, EUVD-2026-36471, EUVD-2026-36465, EUVD-2026-36459, EUVD-2026-36451, EUVD-2026-36445, EUVD-2026-36457, EUVD-2026-36494, EUVD-2026-36468, EUVD-2026-36436, EUVD-2026-36439, EUVD-2026-36435, EUVD-2026-36489, EUVD-2026-36492"
},
{
"date": "2026-06-15T22:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: CVE-2026-50009"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.2.15.Final",
"product": {
"name": "Open Source Netty \u003c4.2.15.Final",
"product_id": "T055037"
}
},
{
"category": "product_version",
"name": "4.2.15.Final",
"product": {
"name": "Open Source Netty 4.2.15.Final",
"product_id": "T055037-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:netty:netty:4.2.15.final"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.1.135.Final",
"product": {
"name": "Open Source Netty \u003c4.1.135.Final",
"product_id": "T055038"
}
},
{
"category": "product_version",
"name": "4.1.135.Final",
"product": {
"name": "Open Source Netty 4.1.135.Final",
"product_id": "T055038-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:netty:netty:4.1.135.final"
}
}
}
],
"category": "product_name",
"name": "Netty"
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44249",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44249"
},
{
"cve": "CVE-2026-44250",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44250"
},
{
"cve": "CVE-2026-44890",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44890"
},
{
"cve": "CVE-2026-44892",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44892"
},
{
"cve": "CVE-2026-44893",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44893"
},
{
"cve": "CVE-2026-44894",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44894"
},
{
"cve": "CVE-2026-45416",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45416"
},
{
"cve": "CVE-2026-45536",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45536"
},
{
"cve": "CVE-2026-45673",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45673"
},
{
"cve": "CVE-2026-45674",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45674"
},
{
"cve": "CVE-2026-46340",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-46340"
},
{
"cve": "CVE-2026-47244",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-47244"
},
{
"cve": "CVE-2026-47691",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-47691"
},
{
"cve": "CVE-2026-48006",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48006"
},
{
"cve": "CVE-2026-48043",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48043"
},
{
"cve": "CVE-2026-48059",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48059"
},
{
"cve": "CVE-2026-48748",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48748"
},
{
"cve": "CVE-2026-50009",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50009"
},
{
"cve": "CVE-2026-50010",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50010"
},
{
"cve": "CVE-2026-50020",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50020"
},
{
"cve": "CVE-2026-50560",
"product_status": {
"known_affected": [
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50560"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.