CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4970

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.082

EPSS Ranking 91.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

References

Products affected by CVE-2016-4970

Apache » Cassandra » Version: 3.11.4

cpe:2.3:a:apache:cassandra:3.11.4
Netty » Netty » Version: 4.0.20

cpe:2.3:a:netty:netty:4.0.20
Netty » Netty » Version: 4.0.21

cpe:2.3:a:netty:netty:4.0.21
Netty » Netty » Version: 4.0.22

cpe:2.3:a:netty:netty:4.0.22
Netty » Netty » Version: 4.0.23

cpe:2.3:a:netty:netty:4.0.23
Netty » Netty » Version: 4.0.24

cpe:2.3:a:netty:netty:4.0.24
Netty » Netty » Version: 4.0.25

cpe:2.3:a:netty:netty:4.0.25
Netty » Netty » Version: 4.0.26

cpe:2.3:a:netty:netty:4.0.26
Netty » Netty » Version: 4.0.27

cpe:2.3:a:netty:netty:4.0.27
Netty » Netty » Version: 4.0.28

cpe:2.3:a:netty:netty:4.0.28
Netty » Netty » Version: 4.0.29

cpe:2.3:a:netty:netty:4.0.29
Netty » Netty » Version: 4.0.30

cpe:2.3:a:netty:netty:4.0.30
Netty » Netty » Version: 4.0.31

cpe:2.3:a:netty:netty:4.0.31
Netty » Netty » Version: 4.0.32

cpe:2.3:a:netty:netty:4.0.32
Netty » Netty » Version: 4.0.33

cpe:2.3:a:netty:netty:4.0.33
Netty » Netty » Version: 4.0.34

cpe:2.3:a:netty:netty:4.0.34
Netty » Netty » Version: 4.0.35

cpe:2.3:a:netty:netty:4.0.35
Netty » Netty » Version: 4.0.36

cpe:2.3:a:netty:netty:4.0.36
Netty » Netty » Version: 4.1.0

cpe:2.3:a:netty:netty:4.1.0
Redhat » Jboss Data Grid » Version: 7.1

cpe:2.3:a:redhat:jboss_data_grid:7.1
Redhat » Jboss Middleware Text-Only Advisories » Version: 1.0

cpe:2.3:a:redhat:jboss_middleware_text-only_advisories:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-4970

Products

Pricing

Contact Us