CVE-2026-45674

HIGH(8.7)

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

Risk Signal Score27/100 — MITTEL

CVSS 8.7 — Hoch

EPSS-Score

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

8.7

Technische Schwere

Beschreibung

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue.

GitHub Advisories

GHSA-676x-f7gg-47vcHIGH

Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records

maven/io.netty:netty-resolver-dns→ 4.2.15.Final

GitHub Advisory

Referenzen

https://github.com/netty/netty/releases/tag/netty-4.1.135.Final
https://github.com/netty/netty/releases/tag/netty-4.2.15.Final
https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc