RHSA-2026:26018

Vulnerability from csaf_redhat - Published: 2026-06-17 16:18 - Updated: 2026-06-17 16:19
Summary
Red Hat Security Advisory: Red Hat build of Quarkus 3.27.4.SP1 security update
Severity
Important
Notes
Topic: An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.
Details: This release of Red Hat build of Quarkus 3.27.4.SP1 includes the following CVE fixes:
* quarkus-vertx-http: Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities [quarkus-3.27] (CVE-2026-50559)
* vertx-core: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name [quarkus-3.27] (CVE-2026-6860)
* netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation [quarkus-3.27] (CVE-2026-44249)
* netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message [quarkus-3.27] (CVE-2026-44893)
* netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak [quarkus-3.27] (CVE-2026-48043)
* netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers [quarkus-3.27] (CVE-2026-48059)
* netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records [quarkus-3.27] (CVE-2026-47691)
* netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass [quarkus-3.27] (CVE-2026-50010)
* netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation [quarkus-3.27] (CVE-2026-45674)
* netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake [quarkus-3.27] (CVE-2026-45416)
* netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling [quarkus-3.27] (CVE-2026-50560)
* netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams [quarkus-3.27] (CVE-2026-47244)
* netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder [quarkus-3.27] (CVE-2026-50020)
* netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs [quarkus-3.27] (CVE-2026-45673)
For more information, see the release notes page listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2026-6860 - vertx-core: Denial of Service via TLS handshake with wildcard server name
A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.

CWE-770 - Allocation of Resources Without Limits or Throttling
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Moderate

CVE-2026-44249 - netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.

CWE-1287 - Improper Validation of Specified Type of Input
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-44893 - netty-codec-haproxy: Denial of Service via malformed HAProxy message
A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.

CWE-805 - Buffer Access with Incorrect Length Value
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-45416 - netty-handler: Denial of Service due to eager buffer allocation in TLS handshake
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.

CWE-770 - Allocation of Resources Without Limits or Throttling
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-45673 - netty-resolver-dns: DNS Cache Poisoning via predictable transaction IDs
A flaw was found in Netty's DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator (PRNG) for DNS transaction IDs and a static User Datagram Protocol (UDP) source port. This combination significantly reduces the randomness of DNS queries, making it easier for a remote attacker to perform DNS Cache Poisoning, also known as a Kaminsky attack. Successful exploitation could allow an attacker to redirect network traffic to malicious servers.

CWE-1241 - Use of Predictable Algorithm in Random Number Generator
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Moderate

CVE-2026-45674 - netty-resolver-dns: Information disclosure and data manipulation due to improper CNAME record validation
A flaw was found in Netty's DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.

CWE-346 - Origin Validation Error
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-47244 - netty-codec-http2: Denial of Service via uncontrolled HTTP/2 concurrent streams
A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a large number of HTTP/2 stream requests to a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams, it can lead to the allocation of numerous long-lived stream objects. This excessive resource consumption can result in a denial of service (DoS), making the server unavailable to legitimate users.

CWE-770 - Allocation of Resources Without Limits or Throttling
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Moderate

CVE-2026-47691 - netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
A flaw was found in Netty's `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.

CWE-346 - Origin Validation Error
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-48043 - netty-codec-http2: Denial of Service due to resource leak
A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).

CWE-772 - Missing Release of Resource after Effective Lifetime
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-48059 - netty-codec-haproxy: Denial of Service via memory leak from crafted PROXY protocol headers
A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.

CWE-1286 - Improper Validation of Syntactic Correctness of Input
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-50010 - netty-handler: Improper trust manager handling leads to hostname verification bypass
A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.

CWE-347 - Improper Verification of Cryptographic Signature
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-50020 - netty-codec-http: Data manipulation via request-boundary confusion in HttpObjectDecoder
A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary confusion in systems that use pipelined or multiplexed transports. An attacker could exploit this to cause a front-end component to misinterpret HTTP request boundaries, potentially resulting in low integrity impact, such as unintended data manipulation.

CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Moderate

CVE-2026-50559 - quarkus-vertx-http: Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities
A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.

CWE-551 - Incorrect Behavior Order: Authorization Before Parsing and Canonicalization
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Important

CVE-2026-50560 - netty-codec-http2: Denial of Service due to HTTP/2 max header size handling
A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 (Hypertext Transfer Protocol version 2) maximum header size handling. By sending a specific SETTINGS_MAX_HEADER_LIST_SIZE setting, an attacker can cause Netty to produce an exception when writing response headers. This issue is similar to an HTTP/2 Rapid Reset attack and can lead to a Denial of Service (DoS).

CWE-770 - Allocation of Resources Without Limits or Throttling
Affected products
Product: Red Hat build of Quarkus 3.27.4.SP1 (Red Hat / Red Hat build of Quarkus)
Identifier: cpe:/a:redhat:quarkus:3.27::el8
Remediation: Vendor Fix, Workaround
Threats
Impact: Moderate
References
URL Category
https://access.redhat.com/errata/RHSA-2026:26018 self
https://access.redhat.com/security/updates/classi… external
https://access.redhat.com/products/quarkus/ external
https://access.redhat.com/jbossnetwork/restricted… external
https://docs.redhat.com/en/documentation/red_hat_… external
https://issues.redhat.com/browse/QUARKUS-7954 external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2026-6860 self
https://bugzilla.redhat.com/show_bug.cgi?id=2466990 external
https://www.cve.org/CVERecord?id=CVE-2026-6860 external
https://nvd.nist.gov/vuln/detail/CVE-2026-6860 external
https://github.com/eclipse-vertx/vert.x/pull/6102 external
https://github.com/eclipse-vertx/vert.x/security/… external
https://gitlab.eclipse.org/security/vulnerability… external
https://access.redhat.com/security/cve/CVE-2026-44249 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488081 external
https://www.cve.org/CVERecord?id=CVE-2026-44249 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44249 external
https://github.com/netty/netty/releases/tag/netty… external
https://github.com/netty/netty/releases/tag/netty… external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-44893 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488383 external
https://www.cve.org/CVERecord?id=CVE-2026-44893 external
https://nvd.nist.gov/vuln/detail/CVE-2026-44893 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-45416 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488391 external
https://www.cve.org/CVERecord?id=CVE-2026-45416 external
https://nvd.nist.gov/vuln/detail/CVE-2026-45416 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-45673 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488386 external
https://www.cve.org/CVERecord?id=CVE-2026-45673 external
https://nvd.nist.gov/vuln/detail/CVE-2026-45673 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-45674 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488400 external
https://www.cve.org/CVERecord?id=CVE-2026-45674 external
https://nvd.nist.gov/vuln/detail/CVE-2026-45674 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-47244 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488399 external
https://www.cve.org/CVERecord?id=CVE-2026-47244 external
https://nvd.nist.gov/vuln/detail/CVE-2026-47244 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-47691 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488439 external
https://www.cve.org/CVERecord?id=CVE-2026-47691 external
https://nvd.nist.gov/vuln/detail/CVE-2026-47691 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-48043 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488442 external
https://www.cve.org/CVERecord?id=CVE-2026-48043 external
https://nvd.nist.gov/vuln/detail/CVE-2026-48043 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-48059 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488437 external
https://www.cve.org/CVERecord?id=CVE-2026-48059 external
https://nvd.nist.gov/vuln/detail/CVE-2026-48059 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-50010 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488429 external
https://www.cve.org/CVERecord?id=CVE-2026-50010 external
https://nvd.nist.gov/vuln/detail/CVE-2026-50010 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-50020 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488421 external
https://www.cve.org/CVERecord?id=CVE-2026-50020 external
https://nvd.nist.gov/vuln/detail/CVE-2026-50020 external
https://github.com/netty/netty/security/advisorie… external
https://access.redhat.com/security/cve/CVE-2026-50559 self
https://bugzilla.redhat.com/show_bug.cgi?id=2486959 external
https://www.cve.org/CVERecord?id=CVE-2026-50559 external
https://nvd.nist.gov/vuln/detail/CVE-2026-50559 external
https://github.com/quarkusio/quarkus/security/adv… external
https://access.redhat.com/security/cve/CVE-2026-50560 self
https://bugzilla.redhat.com/show_bug.cgi?id=2488407 external
https://www.cve.org/CVERecord?id=CVE-2026-50560 external
https://nvd.nist.gov/vuln/detail/CVE-2026-50560 external
https://github.com/netty/netty/security/advisorie… external
https://www.rfc-editor.org/rfc/rfc9113.html#name-… external

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat build of Quarkus.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. For more information, see the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This release of Red Hat build of Quarkus 3.27.4.SP1 includes the following CVE fixes:\n\n* quarkus-vertx-http: Authentication/Authorization Bypass via Advanced Path Normalization Vulnerabilities [quarkus-3.27] (CVE-2026-50559)\n\n* vertx-core: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name [quarkus-3.27] (CVE-2026-6860)\n\n* netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation [quarkus-3.27] (CVE-2026-44249)\n\n* netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message [quarkus-3.27] (CVE-2026-44893)\n\n* netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak [quarkus-3.27] (CVE-2026-48043)\n\n* netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers [quarkus-3.27] (CVE-2026-48059)\n\n* netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records [quarkus-3.27] (CVE-2026-47691)\n\n* netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass [quarkus-3.27] (CVE-2026-50010)\n\n* netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation [quarkus-3.27] (CVE-2026-45674)\n\n* netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake [quarkus-3.27] (CVE-2026-45416)\n\n* netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling [quarkus-3.27] (CVE-2026-50560)\n\n* netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams [quarkus-3.27] (CVE-2026-47244)\n\n* netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder [quarkus-3.27] (CVE-2026-50020)\n\n* netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs [quarkus-3.27] (CVE-2026-45673)\n\nFor more information, see the release notes page listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:26018",
        "url": "https://access.redhat.com/errata/RHSA-2026:26018"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/products/quarkus/",
        "url": "https://access.redhat.com/products/quarkus/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.4.SP1",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=redhat.quarkus\u0026downloadType=distributions\u0026version=3.27.4.SP1"
      },
      {
        "category": "external",
        "summary": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27",
        "url": "https://docs.redhat.com/en/documentation/red_hat_build_of_quarkus/3.27"
      },
      {
        "category": "external",
        "summary": "QUARKUS-7954",
        "url": "https://issues.redhat.com/browse/QUARKUS-7954"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26018.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat build of Quarkus 3.27.4.SP1 security update",
    "tracking": {
      "current_release_date": "2026-06-17T16:19:06+00:00",
      "generator": {
        "date": "2026-06-17T16:19:06+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.0.0"
        }
      },
      "id": "RHSA-2026:26018",
      "initial_release_date": "2026-06-17T16:18:16+00:00",
      "revision_history": [
        {
          "date": "2026-06-17T16:18:16+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-06-17T16:18:16+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-17T16:19:06+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat build of Quarkus 3.27.4.SP1",
                "product": {
                  "name": "Red Hat build of Quarkus 3.27.4.SP1",
                  "product_id": "Red Hat build of Quarkus 3.27.4.SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:quarkus:3.27::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat build of Quarkus"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2026-6860",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-05-06T10:01:43.929832+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2466990"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in eclipse-vertx/vert.x. A remote attacker can exploit this vulnerability by performing a Transport Layer Security (TLS) handshake and presenting a server name extension with a server wildcard name. This can lead to a denial of service (DoS) condition, impacting the availability of the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated as Moderate because a remote attacker can trigger a denial of service in Red Hat products that use `eclipse-vertx/vert.x` and are configured with TLS wildcard server names. Exploitation occurs during the TLS handshake, impacting service availability without affecting data confidentiality or integrity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-6860"
        },
        {
          "category": "external",
          "summary": "RHBZ#2466990",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466990"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-6860",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-6860"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-6860"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/pull/6102",
          "url": "https://github.com/eclipse-vertx/vert.x/pull/6102"
        },
        {
          "category": "external",
          "summary": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6",
          "url": "https://github.com/eclipse-vertx/vert.x/security/advisories/GHSA-3g76-f9xq-8vp6"
        },
        {
          "category": "external",
          "summary": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381",
          "url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/381"
        }
      ],
      "release_date": "2026-05-06T09:55:12.531000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name"
    },
    {
      "cve": "CVE-2026-44249",
      "cwe": {
        "id": "CWE-1287",
        "name": "Improper Validation of Specified Type of Input"
      },
      "discovery_date": "2026-06-11T22:02:05.327173+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488081"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo() function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended network restrictions, potentially leading to unauthorized access or exposure of services.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in netty-handler is rated as Important because a remote attacker can bypass configured IPv6 subnet filtering rules. This flaw, stemming from an incorrect masking operation, could allow unauthorized access to or exposure of services that are intended to be network-restricted within Red Hat products utilizing the affected Netty component.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44249"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488081",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488081"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44249",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44249"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44249"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86"
        }
      ],
      "release_date": "2026-06-11T20:46:14.110000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation"
    },
    {
      "cve": "CVE-2026-44893",
      "cwe": {
        "id": "CWE-805",
        "name": "Buffer Access with Incorrect Length Value"
      },
      "discovery_date": "2026-06-12T15:01:18.066312+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488383"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in netty-codec-haproxy, a component of the Netty network application framework. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy message with a malformed PP2_TYPE_SSL TLV (Type-Length-Value) header. This can lead to an IndexOutOfBoundsException and prevent the release of retained memory, ultimately causing a Denial of Service (DoS) condition for the affected application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-44893"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488383",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488383"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-44893",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-44893"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44893"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv"
        }
      ],
      "release_date": "2026-06-12T14:00:25.801000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message"
    },
    {
      "cve": "CVE-2026-45416",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-06-12T15:01:45.671884+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488391"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a crafted TLS (Transport Layer Security) ClientHello message. This can lead to an eager allocation of a large memory buffer, causing a Denial of Service (DoS) due to excessive memory consumption. The issue occurs in the `SslClientHelloHandler.decode()` method when processing the TLS handshake length.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in Netty is rated as Important. It allows a remote attacker to trigger a denial of service by sending a specially crafted TLS ClientHello message. The flaw arises from an eager, unbounded memory allocation during the TLS handshake, particularly when default configurations disable the maximum client hello length guard, leading to excessive resource consumption in affected Red Hat products utilizing Netty.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45416"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488391",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488391"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45416",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45416"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45416"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh"
        }
      ],
      "release_date": "2026-06-12T14:10:05.585000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, configure applications utilizing Netty\u0027s `SslClientHelloHandler` to specify a non-zero value for the `maxClientHelloLength` parameter. This will enable the internal length validation, preventing the eager allocation of large memory buffers when processing crafted TLS ClientHello messages. Refer to your specific application\u0027s documentation for details on configuring Netty\u0027s TLS handler. A restart of the affected application or service is required for the configuration changes to take effect.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake"
    },
    {
      "cve": "CVE-2026-45673",
      "cwe": {
        "id": "CWE-1241",
        "name": "Use of Predictable Algorithm in Random Number Generator"
      },
      "discovery_date": "2026-06-12T15:01:28.171757+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488386"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty\u0027s DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator (PRNG) for DNS transaction IDs and a static User Datagram Protocol (UDP) source port. This combination significantly reduces the randomness of DNS queries, making it easier for a remote attacker to perform DNS Cache Poisoning, also known as a Kaminsky attack. Successful exploitation could allow an attacker to redirect network traffic to malicious servers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45673"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488386",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488386"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45673",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45673"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45673",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45673"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78"
        }
      ],
      "release_date": "2026-06-12T14:16:03.968000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs"
    },
    {
      "cve": "CVE-2026-45674",
      "cwe": {
        "id": "CWE-346",
        "name": "Origin Validation Error"
      },
      "discovery_date": "2026-06-12T15:02:15.565158+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488400"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty\u0027s DnsResolveContext. This vulnerability allows a remote attacker to achieve information disclosure or data manipulation by crafting malicious DNS responses. The flaw occurs because the DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses, which could enable an attacker to redirect network traffic or intercept sensitive data from affected applications.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important severity flaw in Netty\u0027s DnsResolveContext allows a remote attacker to achieve information disclosure or data manipulation. By crafting malicious DNS responses, an attacker could redirect network traffic or intercept sensitive data, impacting applications utilizing Netty for DNS resolution in Red Hat products.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-45674"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488400",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488400"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-45674",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-45674"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45674"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc"
        }
      ],
      "release_date": "2026-06-12T14:17:50.203000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation"
    },
    {
      "cve": "CVE-2026-47244",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-06-12T15:02:11.516632+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488399"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit this vulnerability by sending a large number of HTTP/2 stream requests to a Netty HTTP/2 server. If the server does not explicitly limit concurrent streams, it can lead to the allocation of numerous long-lived stream objects. This excessive resource consumption can result in a denial of service (DoS), making the server unavailable to legitimate users.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Moderate impact flaw in Netty\u0027s HTTP/2 implementation can lead to a denial of service in Red Hat products that utilize Netty as an HTTP/2 server without explicitly configured limits on concurrent streams. An attacker can exhaust server resources by initiating numerous HTTP/2 stream requests, rendering the service unavailable. The impact is limited to denial of service and requires a specific server configuration to be exploitable.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-47244"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488399",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488399"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-47244",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-47244"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47244",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47244"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q"
        }
      ],
      "release_date": "2026-06-12T14:23:50.316000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Configure affected applications using Netty HTTP/2 servers to explicitly set a maximum concurrent streams limit. Consult product-specific documentation for instructions on how to apply this configuration. Additionally, restrict network access to affected services to trusted clients and networks by implementing firewall rules or other network access controls. This may impact legitimate traffic if not carefully configured.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams"
    },
    {
      "cve": "CVE-2026-47691",
      "cwe": {
        "id": "CWE-346",
        "name": "Origin Validation Error"
      },
      "discovery_date": "2026-06-12T16:02:45.855856+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488439"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty\u0027s `DnsResolveContext`. An attacker controlling an authoritative name server for a subdomain can exploit this vulnerability by providing crafted NS records that are insufficiently validated. This allows the attacker to poison the DNS cache for parent domains, bypassing standard bailiwick rules. Consequently, future DNS resolutions for the affected parent domain will use the poisoned cache, potentially redirecting users to malicious servers and leading to information disclosure or integrity compromise.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Important flaw in Netty\u0027s DNS resolution component, `netty-resolver-dns`, allows for DNS cache poisoning. An attacker with control over an authoritative name server for a subdomain could exploit this vulnerability to inject malicious DNS records into the cache of parent domains. This could lead to redirection of network traffic, impacting the integrity and availability of services relying on DNS resolution within affected Red Hat products.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-47691"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488439",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488439"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-47691",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-47691"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-47691"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85"
        }
      ],
      "release_date": "2026-06-12T14:33:16.595000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records"
    },
    {
      "cve": "CVE-2026-48043",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "discovery_date": "2026-06-12T16:02:56.371830+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488442"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in netty-codec-http2. A remote attacker could send specially crafted frames that cause a resource leak within the `DelegatingDecompressorFrameListener` class. This resource leak could lead to an Out Of Memory Error (OOME), potentially causing a Denial of Service (DoS) by taking down the entire Java Virtual Machine (JVM).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-48043"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488442",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488442"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-48043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-48043"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48043"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j"
        }
      ],
      "release_date": "2026-06-12T14:39:52.498000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak"
    },
    {
      "cve": "CVE-2026-48059",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "discovery_date": "2026-06-12T16:02:40.032749+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488437"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Netty HAProxy PROXY protocol v2 codec. A remote attacker can exploit this vulnerability by sending a specially crafted HAProxy PROXY protocol v2 header with nested `PP2_TYPE_SSL` type-length-value (TLV) records. This can lead to a memory leak, causing the underlying cumulation buffer to remain permanently pinned and potentially resulting in a Denial of Service (DoS) due to resource exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-48059"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488437",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488437"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-48059",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-48059"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48059"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j"
        }
      ],
      "release_date": "2026-06-12T14:42:44.677000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers"
    },
    {
      "cve": "CVE-2026-50010",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "discovery_date": "2026-06-12T16:02:13.735675+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488429"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty, a network application framework. This vulnerability allows a remote attacker to bypass hostname verification due to improper handling of user-supplied trust managers. When a client is configured with a plain X.509 Trust Manager (X509TrustManager), it fails to perform necessary hostname checks, enabling an attacker to impersonate a legitimate server. This could lead to sensitive information disclosure or man-in-the-middle attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important flaw in Netty that affects Red Hat products utilizing the `netty-handler` component, including various Red Hat AMQ, Enterprise Application Platform, and OpenShift offerings. The vulnerability arises when a Netty client is configured with a plain X.509 Trust Manager, leading to a bypass of hostname verification. This oversight allows a remote attacker to perform man-in-the-middle attacks by impersonating a legitimate server, potentially compromising sensitive data.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-50010"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488429",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488429"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-50010",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-50010"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50010"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9"
        }
      ],
      "release_date": "2026-06-12T14:50:43.151000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass"
    },
    {
      "cve": "CVE-2026-50020",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "discovery_date": "2026-06-12T16:01:51.804290+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488421"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary confusion in systems that use pipelined or multiplexed transports. An attacker could exploit this to cause a front-end component to misinterpret HTTP request boundaries, potentially resulting in low integrity impact, such as unintended data manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Moderate flaw in Netty\u0027s HttpObjectDecoder could lead to data manipulation in Red Hat products utilizing pipelined or multiplexed HTTP transports. The vulnerability arises from the decoder\u0027s over-permissive handling of control characters and whitespace, which can cause front-end components to misinterpret HTTP request boundaries. Exploitation requires a specific network configuration where front-end and back-end components process HTTP requests inconsistently, limiting the immediate impact on default installations.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-50020"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488421",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488421"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-50020",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-50020"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50020",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50020"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c"
        }
      ],
      "release_date": "2026-06-12T14:55:32.165000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder"
    },
    {
      "cve": "CVE-2026-50559",
      "cwe": {
        "id": "CWE-551",
        "name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
      },
      "discovery_date": "2026-06-09T10:55:32.426000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2486959"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Quarkus. A remote attacker could bypass HTTP path-based authorization policies by using specially crafted encoded semicolons, slashes, or backslashes in HTTP requests. This could allow unauthorized access to protected static resources, leading to information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is an Important flaw in Quarkus where HTTP path-based authorization policies can be bypassed by a remote attacker. Specially crafted HTTP requests containing encoded semicolons, slashes, or backslashes can circumvent security controls, allowing unauthorized access to protected static resources and leading to information disclosure. This is critical in deployments where Quarkus applications serve sensitive static content and rely solely on path-based authorization.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-50559"
        },
        {
          "category": "external",
          "summary": "RHBZ#2486959",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2486959"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-50559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-50559"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50559"
        },
        {
          "category": "external",
          "summary": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v",
          "url": "https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v"
        }
      ],
      "release_date": "2026-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters"
    },
    {
      "cve": "CVE-2026-50560",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2026-06-12T16:00:59.240952+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2488407"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Netty, a network application framework. A remote attacker can exploit a vulnerability in the HTTP/2 (Hypertext Transfer Protocol version 2) maximum header size handling. By sending a specific SETTINGS_MAX_HEADER_LIST_SIZE setting, an attacker can cause Netty to produce an exception when writing response headers. This issue is similar to an HTTP/2 Rapid Reset attack and can lead to a Denial of Service (DoS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw in Netty\u0027s HTTP/2 protocol handling is rated Moderate. A remote, unauthenticated attacker can trigger a denial of service by sending a crafted `SETTINGS_MAX_HEADER_LIST_SIZE` frame, causing an exception during response header processing. This can disrupt services utilizing Netty for HTTP/2 communication.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat build of Quarkus 3.27.4.SP1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2026-50560"
        },
        {
          "category": "external",
          "summary": "RHBZ#2488407",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2488407"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2026-50560",
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-50560"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-50560",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-50560"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.1.135.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final",
          "url": "https://github.com/netty/netty/releases/tag/netty-4.2.15.Final"
        },
        {
          "category": "external",
          "summary": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm",
          "url": "https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm"
        },
        {
          "category": "external",
          "summary": "https://www.rfc-editor.org/rfc/rfc9113.html#name-defined-settings",
          "url": "https://www.rfc-editor.org/rfc/rfc9113.html#name-defined-settings"
        }
      ],
      "release_date": "2026-06-12T14:59:59.901000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-06-17T16:18:16+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:26018"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat build of Quarkus 3.27.4.SP1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling"
    }
  ]
}