admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/11xxx/CVE-2020-11612.json

267 lines
16 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2020-04-07 18:01:17 +00:00
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-11612",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
"-Synchronized-Data."
2020-04-09 03:01:16 +00:00
{
"refsource": "MLIST",
"name": "[druid-commits] 20200408 [GitHub] [druid] ccaominh opened a new pull request #9651: Upgrade netty 4 to fix CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r2958e4d49ee046e1e561e44fdc114a0d2285927501880f15852a9b53@%3Ccommits.druid.apache.org%3E"
"-Synchronized-Data."
2020-04-09 22:01:16 +00:00
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20200409 [GitHub] [druid] jon-wei merged pull request #9651: Upgrade netty 4 to fix CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r3195127e46c87a680b5d1d3733470f83b886bfd3b890c50df718bed1@%3Ccommits.druid.apache.org%3E"
"-Synchronized-Data."
2020-04-09 23:01:24 +00:00
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20200409 [GitHub] [druid] ccaominh opened a new pull request #9654: [Backport] Upgrade netty 4 to fix CVE-2020-11612 (#9651)",
"url": "https://lists.apache.org/thread.html/r14446ed58208cb6d97b6faa6ebf145f1cf2c70c0886c0c133f4d3b6f@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20200409 [GitHub] [druid] ccaominh commented on issue #9654: [Backport] Upgrade netty 4 to fix CVE-2020-11612 (#9651)",
"url": "https://lists.apache.org/thread.html/ra98e3a8541a09271f96478d5e22c7e3bd1afdf48641c8be25d62d9f9@%3Ccommits.druid.apache.org%3E"
"-Synchronized-Data."
2020-04-10 02:01:16 +00:00
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20200409 [GitHub] [druid] jon-wei merged pull request #9654: [Backport] Upgrade netty 4 to fix CVE-2020-11612 (#9651)",
"url": "https://lists.apache.org/thread.html/r8a654f11e1172b0effbfd6f8d5b6ca651ae4ac724a976923c268a42f@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20200409 [druid] branch 0.18.0 updated: Upgrade netty 4 to fix CVE-2020-11612 (#9651) (#9654)",
"url": "https://lists.apache.org/thread.html/r7836bbdbe95c99d4d725199f0c169927d4e87ba57e4beeeb699c097a@%3Ccommits.druid.apache.org%3E"
"-Synchronized-Data."
2020-04-14 00:01:16 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200413 [jira] [Updated] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r5b1ad61552591b747cd31b3a908d5ff2e8f2a8a6847583dd6b7b1ee7@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200413 [jira] [Created] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r88e2b91560c065ed67e62adf8f401c417e4d70256d11ea447215a70c@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20200413 [jira] [Created] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/rfd173eac20d5e5f581c8984b685c836dafea8eb2f7ff85f617704cf1@%3Cdev.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200413 [GitHub] [zookeeper] phunt opened a new pull request #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/ref2c8a0cbb3b8271e5b9a06457ba78ad2028128627186531730f50ef@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200413 [jira] [Assigned] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r255ed239e65d0596812362adc474bee96caf7ba042c7ad2f3c62cec7@%3Cissues.zookeeper.apache.org%3E"
"-Synchronized-Data."
2020-04-14 08:01:15 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200414 [GitHub] [zookeeper] eolivelli commented on issue #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/rf803b65b4a57589d79cf2e83d8ece0539018d32864f932f63c972844@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200414 [GitHub] [zookeeper] phunt commented on issue #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/rd302ddb501fa02c5119120e5fc21df9a1c00e221c490edbe2d7ad365@%3Cnotifications.zookeeper.apache.org%3E"
"-Synchronized-Data."
2020-04-15 12:01:29 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20200415 [jira] [Resolved] (ZOOKEEPER-3794) upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/re1ea144e91f03175d661b2d3e97c7d74b912e019613fa90419cf63f4@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20200415 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r866288c2ada00ce148b7307cdf869f15f24302b3eb2128af33830997@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20200415 [zookeeper] branch release-3.6.1 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/rff8859c0d06b1688344b39097f9685c43b461cf2bc41f60f001704e9@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200415 [GitHub] [zookeeper] eolivelli closed pull request #1319: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r4a7e4e23bd84ac24abf30ab5d5edf989c02b555e1eca6a2f28636692@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20200415 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r9c30b7fca4baedebcb46d6e0f90071b30cc4a0e074164d50122ec5ec@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20200415 [zookeeper] branch master updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612",
"url": "https://lists.apache.org/thread.html/r281882fdf9ea89aac02fd2f92786693a956aac2ce9840cce87c7df6b@%3Ccommits.zookeeper.apache.org%3E"
"-Synchronized-Data."
2020-04-15 15:01:45 +00:00
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200415 Build failed in Jenkins: zookeeper-master-maven-jdk12 #465",
"url": "https://lists.apache.org/thread.html/r5030cd8ea5df1e64cf6a7b633eff145992fbca03e8bfc687cd2427ab@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200415 Build failed in Jenkins: zookeeper-branch36-java8 #137",
"url": "https://lists.apache.org/thread.html/r3ea4918d20d0c1fa26cac74cc7cda001d8990bc43473d062867ef70d@%3Cnotifications.zookeeper.apache.org%3E"
"-Synchronized-Data."
2020-04-16 19:03:42 +00:00
},
{
"refsource": "MLIST",
"name": "[pulsar-commits] 20200416 [GitHub] [pulsar] massakam opened a new pull request #6746: [build] Bump netty version to 4.1.48.Final",
"url": "https://lists.apache.org/thread.html/ref3943adbc3a8813aee0e3a9dd919bacbb27f626be030a3c6d6c7f83@%3Ccommits.pulsar.apache.org%3E"
"-Synchronized-Data."
2020-04-24 06:01:12 +00:00
},
"-Synchronized-Data."
2020-05-04 09:01:11 +00:00
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20200504 [zookeeper] branch master updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 - fixed file rename typo",
"url": "https://lists.apache.org/thread.html/r9addb580456807cd11d6f0c6b6373b7d7161d06d2278866c30c7febb@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200504 Build failed in Jenkins: zookeeper-master-maven #784",
"url": "https://lists.apache.org/thread.html/r4f4a14d6a608db447b725ec2e96c26ac9664d83cd879aa21e2cfeb24@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200504 Build failed in Jenkins: zookeeper-master-maven-owasp #489",
"url": "https://lists.apache.org/thread.html/r7641ee788e1eb1be4bb206a7d15f8a64ec6ef23e5ec6132d5a567695@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20200504 [zookeeper] branch branch-3.6 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 - fixed file rename typo",
"url": "https://lists.apache.org/thread.html/rf9f8bcc4ca8d2788f77455ff594468404732a4497baebe319043f4d5@%3Ccommits.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-notifications] 20200504 Build failed in Jenkins: zookeeper-master-maven-jdk12 #490",
"url": "https://lists.apache.org/thread.html/r5a0b1f0b1c3bcd66f5177fbd6f6de2d0f8cae24a13ab2669f274251a@%3Cnotifications.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-commits] 20200504 [zookeeper] branch branch-3.5 updated: ZOOKEEPER-3794: upgrade netty to address CVE-2020-11612 - fixed file rename typo",
"url": "https://lists.apache.org/thread.html/r69b23a94d4ae45394cabae012dd1f4a963996869c44c478eb1c61082@%3Ccommits.zookeeper.apache.org%3E"
"-Synchronized-Data."
2020-09-04 21:01:27 +00:00
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200904 [SECURITY] [DLA 2364-1] netty security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00003.html"
"-Synchronized-Data."
2020-09-10 19:01:47 +00:00
},
{
"refsource": "MLIST",
"name": "[flink-issues] 20200910 [jira] [Created] (FLINK-19195) question on security vulnerabilities in flink",
"url": "https://lists.apache.org/thread.html/raaac04b7567c554786132144bea3dcb72568edd410c1e6f0101742e7@%3Cissues.flink.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[flink-dev] 20200910 [jira] [Created] (FLINK-19195) question on security vulnerabilities in flink",
"url": "https://lists.apache.org/thread.html/rf5b2dfb7401666a19915f8eaef3ba9f5c3386e2066fcd2ae66e16a2f@%3Cdev.flink.apache.org%3E"
"-Synchronized-Data."
2020-09-25 20:02:07 +00:00
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-66b5f85ccc",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TS6VX7OMXPDJIU5LRGUAHRK6MENAVJ46/"
"-Synchronized-Data."
2020-12-23 08:02:12 +00:00
},
"-Synchronized-Data."
2021-01-20 15:02:47 +00:00
{
"url": "https://www.oracle.com/security-alerts/cpujan2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2021.html"
},
{
"url": "https://github.com/netty/netty/issues/6168",
"refsource": "MISC",
"name": "https://github.com/netty/netty/issues/6168"
},
{
"url": "https://github.com/netty/netty/pull/9924",
"refsource": "MISC",
"name": "https://github.com/netty/netty/pull/9924"
},
{
"url": "https://github.com/netty/netty/compare/netty-4.1.45.Final...netty-4.1.46.Final",
"refsource": "MISC",
"name": "https://github.com/netty/netty/compare/netty-4.1.45.Final...netty-4.1.46.Final"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r31424427cc6d7db46beac481bdeed9a823fc20bb1b9deede38557f71@%3Cnotifications.zookeeper.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r31424427cc6d7db46beac481bdeed9a823fc20bb1b9deede38557f71@%3Cnotifications.zookeeper.apache.org%3E"
},
"-Synchronized-Data."
2020-12-23 08:02:12 +00:00
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20201223-0001/",
"url": "https://security.netapp.com/advisory/ntap-20201223-0001/"
"-Synchronized-Data."
2021-01-26 18:01:45 +00:00
},
{
"refsource": "MLIST",
"name": "[pulsar-commits] 20210120 [GitHub] [pulsar] fmiguelez opened a new issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444",
"url": "https://lists.apache.org/thread.html/r832724df393a7ef25ca4c7c2eb83ad2d6c21c74569acda5233f9f1ec@%3Ccommits.pulsar.apache.org%3E"
"-Synchronized-Data."
2021-01-26 20:02:23 +00:00
},
{
"refsource": "MLIST",
"name": "[pulsar-commits] 20210121 [GitHub] [pulsar] hpvd commented on issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444",
"url": "https://lists.apache.org/thread.html/r7790b9d99696d9eddce8a8c96f13bb68460984294ea6fea3800143e4@%3Ccommits.pulsar.apache.org%3E"
"-Synchronized-Data."
2021-01-26 20:03:39 +00:00
},
{
"refsource": "MLIST",
"name": "[pulsar-commits] 20210122 [GitHub] [pulsar] hpvd commented on issue #9249: Upgrade Netty dependency in broker to solve vulnerabilities: CVE-2019-16869, CVE-2020-11612, CVE-2019-20445, CVE-2019-20444",
"url": "https://lists.apache.org/thread.html/rdb69125652311d0c41f6066ff44072a3642cf33a4b5e3c4f9c1ec9c2@%3Ccommits.pulsar.apache.org%3E"
"-Synchronized-Data."
2021-04-06 12:00:46 +00:00
},
{
"refsource": "DEBIAN",
"name": "DSA-4885",
"url": "https://www.debian.org/security/2021/dsa-4885"
"-Synchronized-Data."
2020-04-07 18:01:17 +00:00
}
]
}
}
Reference in New Issue Copy Permalink