VYPR
Moderate severityNVD Advisory· Published Nov 12, 2024· Updated Nov 13, 2024

Denial of Service attack on windows app using Netty

CVE-2024-47535

Description

Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.netty:netty-commonMaven
< 4.1.115.Final4.1.115.Final

Affected products

604

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.