exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

CVE-2021-21409

Status Candidate

Overview

Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.

Related Files

Red Hat Security Advisory 2022-5498-01
Posted Jul 6, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5498-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include HTTP request smuggling, buffer overflow, bypass, code execution, cross site scripting, denial of service, heap overflow, information leakage, privilege escalation, remote shell upload, remote SQL injection, and traversal vulnerabilities.

tags | advisory, remote, web, denial of service, overflow, shell, vulnerability, code execution, xss, sql injection
systems | linux, redhat
advisories | CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-30151, CVE-2021-3200, CVE-2021-32839, CVE-2021-33928, CVE-2021-33929, CVE-2021-33930, CVE-2021-33938, CVE-2021-3584, CVE-2021-41136, CVE-2021-4142, CVE-2021-42550
SHA-256 | c0789250da6e85f6ddbf1eff137427983e596902d3fa57015a6fd21b598eac60
Red Hat Security Advisory 2021-3880-01
Posted Oct 20, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3880-01 - This release of Red Hat build of Quarkus 2.2.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2021-20289, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-26291, CVE-2021-3642
SHA-256 | b29513db3b841e348c1c412387fb1dbe89dde6df1c0b96058ae480c121a6b7c3
Red Hat Security Advisory 2021-3700-01
Posted Sep 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3700-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.9.0 serves as a replacement for Red Hat AMQ Broker 7.8.2, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include bypass, denial of service, information leakage, resource exhaustion, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-13956, CVE-2020-27223, CVE-2021-20289, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28169, CVE-2021-29425, CVE-2021-3425, CVE-2021-34428, CVE-2021-34429, CVE-2021-3763
SHA-256 | a8a12dcc50fccbe685347bca1c58d45fbfe797cf6ab2e35bef81923f2d3fef9b
Red Hat Security Advisory 2021-3660-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3660-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.0 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.1 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2021-21295, CVE-2021-21409, CVE-2021-28170, CVE-2021-29425, CVE-2021-3536, CVE-2021-3597, CVE-2021-3642, CVE-2021-3644, CVE-2021-3690
SHA-256 | 8bbceba9cbd43ed995bb0158809bfa86c293205d85398c40f9274bb087d0a7b4
Red Hat Security Advisory 2021-3658-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3658-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.0 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.1 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2021-21295, CVE-2021-21409, CVE-2021-28170, CVE-2021-29425, CVE-2021-3536, CVE-2021-3597, CVE-2021-3642, CVE-2021-3644, CVE-2021-3690
SHA-256 | 0c1ca183150c4fd0104f07fbd5ecaa37a253605e363351d7d98a6c4fd259f6f4
Red Hat Security Advisory 2021-3656-01
Posted Sep 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3656-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.0 and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.1 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.

tags | advisory, java, denial of service, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2021-21295, CVE-2021-21409, CVE-2021-28170, CVE-2021-29425, CVE-2021-3536, CVE-2021-3597, CVE-2021-3642, CVE-2021-3644, CVE-2021-3690
SHA-256 | 08a3af8cbe1870441f18018302c3b12597f297139b17c3e59677079ae81cc243
Red Hat Security Advisory 2021-3225-01
Posted Aug 31, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3225-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 1.8.0 serves as a replacement for Red Hat AMQ Streams 1.7.0, and includes security and bug fixes, and enhancements. Issues addressed include information leakage, resource exhaustion, and traversal vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2017-18640, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-27568, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-28168, CVE-2021-28169, CVE-2021-29425, CVE-2021-34428
SHA-256 | f799cc6edbac4d0b98864f1662ed210d6e06f745c7ff0e79f347ad596baa1447
Red Hat Security Advisory 2021-2965-01
Posted Jul 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2965-01 - Red Hat Single Sign-On 7.4 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.4.8 serves as a replacement for Red Hat Single Sign-On 7.4.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a cross site scripting vulnerability.

tags | advisory, web, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | 5502336b85746ee81fff7e16aa81cd6f87dfc46e903a7840a4207753910e17e5
Red Hat Security Advisory 2021-2755-01
Posted Jul 15, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2755-01 - These are CVE issues filed against XP2 releases that have been fixed in the underlying EAP 7.3.x base, so no changes to the EAP XP2 code base. Issues addressed include bypass, code execution, cross site scripting, and information leakage vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, redhat
advisories | CVE-2020-13936, CVE-2020-15522, CVE-2020-28052, CVE-2021-20220, CVE-2021-20250, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-3536
SHA-256 | 31ae69e9f08af4355de9d2d62aa94a61d534a59f0507a16500efa8303f69b4d5
Red Hat Security Advisory 2021-2694-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2694-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | 182d8c7206dd938e39e41e290e4cd6a338d031ef0d9174ec5787a46121cef39c
Red Hat Security Advisory 2021-2692-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2692-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | 50ade74599cb1230ee646568de9051265f883647e4d34d15b7eb13f0a3f5248b
Red Hat Security Advisory 2021-2693-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2693-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | cb33e2a011b4eb661fb9b4003f8a03f9d124b688c2850a6591807e59ec8532ed
Red Hat Security Advisory 2021-2696-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2696-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.3.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.3.7, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.3.8 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a cross site scripting vulnerability.

tags | advisory, java, xss
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-3536
SHA-256 | 7261e658c9514c8017a4dc0c8a17b8993110cc1fbcc5571a4d01993d01611bde
Red Hat Security Advisory 2021-2689-01
Posted Jul 13, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2689-01 - AMQ Broker is a high-performance messaging implementation based on ActiveMQ Artemis. It uses an asynchronous journal for fast message persistence, and supports multiple languages, protocols, and platforms. This release of Red Hat AMQ Broker 7.8.2 serves as a replacement for Red Hat AMQ Broker 7.8.1, and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include denial of service, information leakage, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | linux, redhat
advisories | CVE-2020-27223, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-28163, CVE-2021-28164, CVE-2021-28165, CVE-2021-3425
SHA-256 | 797ae866913245376a53ab9b2027c144a57e156f08fb0901e02b9cb20c189fda
Red Hat Security Advisory 2021-2465-01
Posted Jul 7, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2465-01 - This release of Red Hat build of Eclipse Vert.x 4.1.0 includes security updates, bug fixes, and enhancements. For more information, see the release notes listed in the References section. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-21409, CVE-2021-29425
SHA-256 | 6005ac66ffb30dc22fd8b18e713895854a177da32204495441130060cda89a8b
Red Hat Security Advisory 2021-2139-01
Posted May 27, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2139-01 - Red Hat Data Grid is a distributed, in-memory data store. This release of Red Hat Data Grid 8.2.0 serves as a replacement for Red Hat Data Grid 8.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, code execution, denial of service, information leakage, and server-side request forgery vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2020-10771, CVE-2020-26258, CVE-2020-26259, CVE-2021-21290, CVE-2021-21295, CVE-2021-21341, CVE-2021-21342, CVE-2021-21343, CVE-2021-21344, CVE-2021-21345, CVE-2021-21346, CVE-2021-21347, CVE-2021-21348, CVE-2021-21349, CVE-2021-21350, CVE-2021-21351, CVE-2021-21409, CVE-2021-31917
SHA-256 | 26b79e23d99e81d46adcd853630427afc565a8681dad9bf539101220d92dd7b9
Red Hat Security Advisory 2021-1511-01
Posted May 6, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1511-01 - Red Hat AMQ Clients enable connecting, sending, and receiving messages over the AMQP 1.0 wire transport protocol to or from AMQ Broker 6 and 7. This update provides various bug fixes and enhancements in addition to the client package versions previously released on Red Hat Enterprise Linux 7 and 8. Issues addressed include an information leakage vulnerability.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2021-21290, CVE-2021-21295, CVE-2021-21409
SHA-256 | 387d5225b90090472ff8b9f0012515e87a3db7b6ae3622b3eb769acfc9779fbe
Debian Security Advisory 4885-1
Posted Apr 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4885-1 - Multiple security issues were discovered in Netty, a Java NIO client/server framework, which could result in HTTP request smuggling, denial of service or information disclosure.

tags | advisory, java, web, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2019-20444, CVE-2019-20445, CVE-2020-11612, CVE-2020-7238, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409
SHA-256 | 6a526fc31321b64c4acb5653a9654f65c2eb9bacc8eeae0a6e619452216f22f7
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close