Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-50009 (GCVE-0-2026-50009)
Vulnerability from cvelistv5 – Published: 2026-06-12 14:47 – Updated: 2026-06-12 16:09
VLAI
EPSS
Title
Netty QUIC stateless reset token material exposed through header-visible connection IDs
Summary
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server's current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet. Version 4.2.15.Final patches the issue.
Severity
4.8 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/netty/netty/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/netty/netty/releases/tag/netty… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-50009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T16:09:14.105140Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T16:09:20.567Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "netty",
"vendor": "netty",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.2.0.Final, \u003c 4.2.15.Final"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server\u0027s current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet. Version 4.2.15.Final patches the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-330",
"description": "CWE-330: Use of Insufficiently Random Values",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T14:54:31.972Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5"
},
{
"name": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
}
],
"source": {
"advisory": "GHSA-cq4q-cv5g-r8q5",
"discovery": "UNKNOWN"
},
"title": "Netty QUIC stateless reset token material exposed through header-visible connection IDs"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-50009",
"datePublished": "2026-06-12T14:47:09.748Z",
"dateReserved": "2026-06-02T22:46:02.578Z",
"dateUpdated": "2026-06-12T16:09:20.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-50009",
"date": "2026-06-25",
"epss": "0.00204",
"percentile": "0.10382"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-50009\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-06-12T16:16:31.047\",\"lastModified\":\"2026-06-15T02:31:31.727\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server\u0027s current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet. Version 4.2.15.Final patches the issue.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"},{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.2.15\",\"matchCriteriaId\":\"413D4611-A46C-4BE4-AB2F-D86282F65984\"}]}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/releases/tag/netty-4.2.15.Final\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-50009\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-12T16:09:14.105140Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-12T16:09:16.917Z\"}}], \"cna\": {\"title\": \"Netty QUIC stateless reset token material exposed through header-visible connection IDs\", \"source\": {\"advisory\": \"GHSA-cq4q-cv5g-r8q5\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 4.2.0.Final, \u003c 4.2.15.Final\"}]}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5\", \"name\": \"https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/netty/netty/releases/tag/netty-4.2.15.Final\", \"name\": \"https://github.com/netty/netty/releases/tag/netty-4.2.15.Final\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server\u0027s current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet. Version 4.2.15.Final patches the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-200\", \"description\": \"CWE-200: Exposure of Sensitive Information to an Unauthorized Actor\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-330\", \"description\": \"CWE-330: Use of Insufficiently Random Values\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-06-12T14:54:31.972Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-50009\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-12T16:09:20.567Z\", \"dateReserved\": \"2026-06-02T22:46:02.578Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-06-12T14:47:09.748Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-50009
Vulnerability from fkie_nvd - Published: 2026-06-12 16:16 - Updated: 2026-06-17 10:57
Severity
Summary
Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server's current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet. Version 4.2.15.Final patches the issue.
References
{
"affected": [
{
"affectedData": [
{
"product": "netty",
"vendor": "netty",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.2.0.Final, \u003c 4.2.15.Final"
}
]
}
],
"source": "security-advisories@github.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*",
"matchCriteriaId": "413D4611-A46C-4BE4-AB2F-D86282F65984",
"versionEndExcluding": "4.2.15",
"versionStartIncluding": "4.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server\u0027s current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet. Version 4.2.15.Final patches the issue."
}
],
"id": "CVE-2026-50009",
"lastModified": "2026-06-17T10:57:34.923",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5,
"source": "security-advisories@github.com",
"type": "Secondary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2026-50009",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T16:09:14.105140Z",
"version": "2.0.3"
}
}
]
},
"published": "2026-06-12T16:16:31.047",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
}
GHSA-CQ4Q-CV5G-R8Q5
Vulnerability from github – Published: 2026-06-15 20:44 – Updated: 2026-06-15 20:44
VLAI
Summary
Netty: QUIC stateless reset token material exposed through header-visible connection IDs
Details
Summary
Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server's current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet.
Details
The sign-based connection ID generator (HmacSignQuicConnectionIdGenerator) and reset token generator (HmacSignQuicResetTokenGenerator) both evaluate HMAC-SHA256 with the same JVM-wide static key (io.netty.handler.codec.quic.Hmac).
During source CID rotation (QuicheQuicChannel.newSourceConnectionIds), the current server source CID C is used as input to produce the next CID N. The stateless reset token for C is defined over HMAC(K, C), specifically the first 16 bytes. The next CID N is the first L bytes of the same digest, where L = |C|.
Whenever L ≥ 16, the first 16 bytes of N are exactly the stateless reset token for C. Because N is carried in QUIC headers as a connection ID, an observer can read the headers and learn the reset token without decrypting the payload.
This directly violates RFC 9000
https://datatracker.ietf.org/doc/html/rfc9000#name-calculating-a-stateless-res: The stateless reset token MUST be difficult to guess.
Additionally https://datatracker.ietf.org/doc/html/rfc9000#name-stateless-reset-oracle
Impact
Information Disclosure and Denial of Service. An on-path attacker can obtain the stateless reset token from the connection ID header and attempt to abruptly close the client side of the connection by sending a spoofed Stateless Reset datagram.
Severity
4.8 (Medium)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 4.2.14.Final"
},
"package": {
"ecosystem": "Maven",
"name": "io.netty:netty-codec-classes-quic"
},
"ranges": [
{
"events": [
{
"introduced": "4.2.0.Final"
},
{
"fixed": "4.2.15.Final"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-50009"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-330"
],
"github_reviewed": true,
"github_reviewed_at": "2026-06-15T20:44:20Z",
"nvd_published_at": "2026-06-12T16:16:31Z",
"severity": "MODERATE"
},
"details": "### Summary\nNetty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the server\u0027s current source connection ID can be derived from bytes that appear as the connection ID in QUIC headers after a source-CID rotation. An on-path attacker observing the headers can use the token to perform a Denial of Service by sending a spoofed Stateless Reset packet.\n\n### Details\nThe sign-based connection ID generator (HmacSignQuicConnectionIdGenerator) and reset token generator (HmacSignQuicResetTokenGenerator) both evaluate HMAC-SHA256 with the same JVM-wide static key (io.netty.handler.codec.quic.Hmac).\n\nDuring source CID rotation (QuicheQuicChannel.newSourceConnectionIds), the current server source CID C is used as input to produce the next CID N. The stateless reset token for C is defined over HMAC(K, C), specifically the first 16 bytes. The next CID N is the first L bytes of the same digest, where L = |C|.\n\nWhenever L \u2265 16, the first 16 bytes of N are exactly the stateless reset token for C. Because N is carried in QUIC headers as a connection ID, an observer can read the headers and learn the reset token without decrypting the payload.\n\nThis directly violates RFC 9000\nhttps://datatracker.ietf.org/doc/html/rfc9000#name-calculating-a-stateless-res: `The stateless reset token MUST be difficult to guess.`\nAdditionally https://datatracker.ietf.org/doc/html/rfc9000#name-stateless-reset-oracle\n\n### Impact\nInformation Disclosure and Denial of Service. An on-path attacker can obtain the stateless reset token from the connection ID header and attempt to abruptly close the client side of the connection by sending a spoofed Stateless Reset datagram.",
"id": "GHSA-cq4q-cv5g-r8q5",
"modified": "2026-06-15T20:44:20Z",
"published": "2026-06-15T20:44:20Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50009"
},
{
"type": "PACKAGE",
"url": "https://github.com/netty/netty"
},
{
"type": "WEB",
"url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "Netty: QUIC stateless reset token material exposed through header-visible connection IDs"
}
WID-SEC-W-2026-1814
Vulnerability from csaf_certbund - Published: 2026-06-07 22:00 - Updated: 2026-06-17 22:00Summary
Netty: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Netty ist ein asynchrones, ereignisgesteuertes Netzwerk-Anwendungs-Framework für die schnelle Entwicklung von wartbaren, hochleistungsfähigen Protokollservern und -clients.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Netty ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand herbeizuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Open Source Netty <4.1.135.Final
Open Source / Netty
|
<4.1.135.Final | ||
|
Open Source Netty <4.2.15.Final
Open Source / Netty
|
<4.2.15.Final |
References
28 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Netty ist ein asynchrones, ereignisgesteuertes Netzwerk-Anwendungs-Framework f\u00fcr die schnelle Entwicklung von wartbaren, hochleistungsf\u00e4higen Protokollservern und -clients.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Netty ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1814 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1814.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1814 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1814"
},
{
"category": "external",
"summary": "Netty Security Advisories vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-3244-j874-rhc2 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3244-j874-rhc2"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-4grm-h2qv-h6w6 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-4grm-h2qv-h6w6"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5pvg-856g-cp85 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5w86-c3rq-vjj7 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5w86-c3rq-vjj7"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5x3r-wrvg-rp6q vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-5xrh-qmmq-w6ch vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-5xrh-qmmq-w6ch"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-676x-f7gg-47vc vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-6ghj-frrj-jjj3 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6ghj-frrj-jjj3"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-6jv9-x5w9-2ccm vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-6jv9-x5w9-2ccm"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-c2gf-v879-257j vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-c2rx-5r8w-8xr2 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c2rx-5r8w-8xr2"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-c653-97m9-rcg9 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-cc37-9q2j-3hfv vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-cmm3-54f8-px4j vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cmm3-54f8-px4j"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-cq4q-cv5g-r8q5 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-h2qv-fj59-j46j vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-hvcg-qmg6-jm4c vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-w573-9ffj-6ff9 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-w573-9ffj-6ff9"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-x4gw-5cx5-pgmh vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-xmv7-r254-6q78 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-xmv7-r254-6q78 vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
},
{
"category": "external",
"summary": "Netty Security Advisories vom 2026-06-07",
"url": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26018 vom 2026-06-17",
"url": "https://access.redhat.com/errata/RHSA-2026:26018"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26017 vom 2026-06-17",
"url": "https://access.redhat.com/errata/RHSA-2026:26017"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26586 vom 2026-06-18",
"url": "https://access.redhat.com/errata/RHSA-2026:26586"
}
],
"source_lang": "en-US",
"title": "Netty: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-06-17T22:00:00.000+00:00",
"generator": {
"date": "2026-06-18T08:31:55.773+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1814",
"initial_release_date": "2026-06-07T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-07T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-08T22:00:00.000+00:00",
"number": "2",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2026-06-11T22:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-36327, EUVD-2026-36357, EUVD-2026-36356"
},
{
"date": "2026-06-14T22:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: EUVD-2026-36432, EUVD-2026-36450, EUVD-2026-36471, EUVD-2026-36465, EUVD-2026-36459, EUVD-2026-36451, EUVD-2026-36445, EUVD-2026-36457, EUVD-2026-36494, EUVD-2026-36468, EUVD-2026-36436, EUVD-2026-36439, EUVD-2026-36435, EUVD-2026-36489, EUVD-2026-36492"
},
{
"date": "2026-06-15T22:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: CVE-2026-50009"
},
{
"date": "2026-06-17T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "6"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.2.15.Final",
"product": {
"name": "Open Source Netty \u003c4.2.15.Final",
"product_id": "T055037"
}
},
{
"category": "product_version",
"name": "4.2.15.Final",
"product": {
"name": "Open Source Netty 4.2.15.Final",
"product_id": "T055037-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:netty:netty:4.2.15.final"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.1.135.Final",
"product": {
"name": "Open Source Netty \u003c4.1.135.Final",
"product_id": "T055038"
}
},
{
"category": "product_version",
"name": "4.1.135.Final",
"product": {
"name": "Open Source Netty 4.1.135.Final",
"product_id": "T055038-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:netty:netty:4.1.135.final"
}
}
}
],
"category": "product_name",
"name": "Netty"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-44249",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44249"
},
{
"cve": "CVE-2026-44250",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44250"
},
{
"cve": "CVE-2026-44890",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44890"
},
{
"cve": "CVE-2026-44892",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44892"
},
{
"cve": "CVE-2026-44893",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44893"
},
{
"cve": "CVE-2026-44894",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-44894"
},
{
"cve": "CVE-2026-45416",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45416"
},
{
"cve": "CVE-2026-45536",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45536"
},
{
"cve": "CVE-2026-45673",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45673"
},
{
"cve": "CVE-2026-45674",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-45674"
},
{
"cve": "CVE-2026-46340",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-46340"
},
{
"cve": "CVE-2026-47244",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-47244"
},
{
"cve": "CVE-2026-47691",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-47691"
},
{
"cve": "CVE-2026-48006",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48006"
},
{
"cve": "CVE-2026-48043",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48043"
},
{
"cve": "CVE-2026-48059",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48059"
},
{
"cve": "CVE-2026-48748",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-48748"
},
{
"cve": "CVE-2026-50009",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50009"
},
{
"cve": "CVE-2026-50010",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50010"
},
{
"cve": "CVE-2026-50020",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50020"
},
{
"cve": "CVE-2026-50560",
"product_status": {
"known_affected": [
"67646",
"T055038",
"T055037"
]
},
"release_date": "2026-06-07T22:00:00.000+00:00",
"title": "CVE-2026-50560"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…