GHSA-rv63-gqm8-9w8q
Suggest an improvement- Source
- https://github.com/advisories/GHSA-rv63-gqm8-9w8q
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rv63-gqm8-9w8q/GHSA-rv63-gqm8-9w8q.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-rv63-gqm8-9w8q
- Aliases
- Published
- 2022-05-13T01:11:43Z
- Modified
- 2024-02-16T08:13:46.004283Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Loop with Unreachable Exit Condition in Netty
- Details
-
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).
- Database specific
{ "nvd_published_at": "2017-04-13T14:59:00Z", "cwe_ids": [ "CWE-835" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2022-07-06T19:54:08Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2016-4970
- https://github.com/netty/netty/pull/5364
- https://bugzilla.redhat.com/show_bug.cgi?id=1343616
- https://github.com/netty/netty
- https://lists.apache.org/thread.html/afaa5860e3a6d327eb96c3d82cbd2f5996de815a16854ed1ad310144@%3Ccommits.cassandra.apache.org%3E
- https://wiki.opendaylight.org/view/Security_Advisories
- http://netty.io/news/2016/06/07/4-0-37-Final.html
- http://netty.io/news/2016/06/07/4-1-1-Final.html
- http://rhn.redhat.com/errata/RHSA-2017-0179.html
- http://rhn.redhat.com/errata/RHSA-2017-1097.html
Affected packages
Maven / io.netty:netty-handler
Package
- Name
- io.netty:netty-handler
- View open source insights on deps.dev
- Purl
- pkg:maven/io.netty/netty-handler
Affected versions
4.*
4.0.0.Alpha1
4.0.0.Alpha2
4.0.0.Alpha3
4.0.0.Alpha4
4.0.0.Alpha5
4.0.0.Alpha6
4.0.0.Alpha7
4.0.0.Alpha8
4.0.0.Beta1
4.0.0.Beta2
4.0.0.Beta3
4.0.0.CR1
4.0.0.CR2
4.0.0.CR3
4.0.0.CR4
4.0.0.CR5
4.0.0.CR6
4.0.0.CR7
4.0.0.CR8
4.0.0.CR9
4.0.0.Final
4.0.1.Final
4.0.2.Final
4.0.3.Final
4.0.4.Final
4.0.5.Final
4.0.6.Final
4.0.7.Final
4.0.8.Final
4.0.9.Final
4.0.10.Final
4.0.11.Final
4.0.12.Final
4.0.13.Final
4.0.14.Beta1
4.0.14.Final
4.0.15.Final
4.0.16.Final
4.0.17.Final
4.0.18.Final
4.0.19.Final
4.0.20.Final
4.0.21.Final
4.0.22.Final
4.0.23.Final
4.0.24.Final
4.0.25.Final
4.0.26.Final
4.0.27.Final
4.0.28.Final
4.0.29.Final
4.0.30.Final
4.0.31.Final
4.0.32.Final
4.0.33.Final
4.0.34.Final
4.0.35.Final
4.0.36.Final
Maven / io.netty:netty-handler
Package
- Name
- io.netty:netty-handler
- View open source insights on deps.dev
- Purl
- pkg:maven/io.netty/netty-handler