目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1310 CNY

100%
コーヒーを一杯おごる

netty 产品漏洞列表 / CVE 中文分析 55

netty 产品相关 55 条漏洞,AI 中文标题与摘要、CVSS、POC 一站汇总。

Netty 是由 Red Hat 开发的高性能异步事件驱动网络应用框架,本页面聚合了其相关的安全漏洞信息。收录内容涵盖拒绝服务、远程代码执行及缓冲区溢出等关键弱点,时间范围横跨多年至最新披露记录。读者可借此追踪厂商安全公告动态,深入理解网络通信层面的常见缺陷,并快速检索该框架的历史漏洞详情,以评估系统风险或验证补丁有效性,从而为架构加固与合规审计提供可靠的数据支持。

ベンダー: netty

CVE IDタイトルCVSS深刻度公開日
CVE-2026-42579 Netty: DNS Codec Input Validation Bypass in Netty (Encoder + Decoder) CWE-20 7.5 High2026-05-13
CVE-2026-42577 Netty: epoll transport denial of service via RST on half-closed TCP connection CWE-772 7.5 High2026-05-13
CVE-2026-42578 Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation CWE-113--2026-05-13
CVE-2026-42581 Netty: HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization CWE-444 5.8 Medium2026-05-13
CVE-2026-41417 Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequest.setUri() CWE-93 5.3 Medium2026-05-06
CVE-2026-33871 Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass CWE-770 7.5 -2026-03-27
CVE-2026-33870 Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing CWE-444 7.5 High2026-03-27
CVE-2025-67735 Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder CWE-93 6.5 Medium2025-12-16
CVE-2025-59419 Netty netty-codec-smtp SMTP Command Injection Vulnerability Allowing Email Forgery CWE-93 9.8 -2025-10-15
CVE-2025-58057 Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack CWE-409 7.5AIHighAI2025-09-03
CVE-2025-58056 Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions CWE-444 7.4AIHighAI2025-09-03
CVE-2025-55163 Netty MadeYouReset HTTP/2 DDoS Vulnerability CWE-770 7.5AIHighAI2025-08-13
CVE-2025-25193 Denial of Service attack on windows app using Netty CWE-400 5.5 Medium2025-02-10
CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine CWE-20 7.5 High2025-02-10
CVE-2024-47535 Denial of Service attack on windows app using Netty CWE-400 5.5 Medium2024-11-12
CVE-2024-29025 Netty HttpPostRequestDecoder can OOM CWE-770 5.3 Medium2024-03-25
CVE-2023-34462 netty-handler SniHandler 16MB allocation CWE-400 6.5 Medium2023-06-22
CVE-2022-41915 Netty 安全漏洞 CWE-436 6.5 Medium2022-12-13
CVE-2022-41881 Netty 安全漏洞 CWE-674 5.3 Medium2022-12-12
CVE-2022-24823 Local Information Disclosure Vulnerability in io.netty:netty-codec-http CWE-668 5.5 Medium2022-05-06
CVE-2021-43797 HTTP fails to validate against control chars in header names which may lead to HTTP request smuggling CWE-444 6.5 Medium2021-12-09
CVE-2021-37137 Netty 资源管理错误漏洞 CWE-400 7.5 -2021-10-19
CVE-2021-37136 Netty 资源管理错误漏洞 CWE-400 7.5 -2021-10-19
CVE-2021-21409 Possible request smuggling in HTTP/2 due missing validation of content-length CWE-444 5.9 Medium2021-03-30
CVE-2021-21290 Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files CWE-378 6.2 Medium2021-02-08

netty 产品累计公开 55 条 CVE 漏洞,本页提供按时间倒序的完整列表,包含 CVSS、CWE、AI 中文摘要与可获取的 POC 链接。