Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of the native SSLEngine or change the code manually.

oracle CPUJul2025: NoSQL Database

According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host is affected by multiple vulnerabilities:

  - Vulnerability in the Oracle GoldenGate Big Data and Application Adapters product of Oracle GoldenGate     (component: Java Delivery (Netty)). Supported versions that are affected are 23.4-23.7. Difficult to     exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle     GoldenGate Big Data and Application Adapters. Successful attacks of this vulnerability can result in     unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GoldenGate Big Data     and Application Adapters. (CVE-2025-24970)

  - Vulnerability in the Oracle GoldenGate Stream Analytics product of Oracle GoldenGate (component: Stream     Analytics (Netty)). Difficult to exploit vulnerability allows low privileged attacker with access to     the physical communication segment attached to the hardware where the Oracle GoldenGate Stream Analytics     executes to compromise Oracle GoldenGate Stream Analytics. Successful attacks of this vulnerability can     result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle     GoldenGate Stream Analytics. (CVE-2025-25193)

  - Vulnerability in the Oracle GoldenGate Big Data and Application Adapters product of Oracle GoldenGate     (component: Java Delivery (Apache HttpClient)). Supported versions that are affected are 23.4-23.6. Easily     exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise     Oracle GoldenGate Big Data and Application Adapters. Successful attacks of this vulnerability can result     in unauthorized creation, deletion or modification access to critical data or all Oracle GoldenGate Big     Data and Application Adapters accessible data. (CVE-2025-27820)

  - Security-in-Depth issue in the Oracle GoldenGate Big Data and Application Adapters product of Oracle     GoldenGate (component: GoldenGate Big Data and Application Adapters (Apache Parquet Java)). This     vulnerability cannot be exploited in the context of this product. (CVE-2025-30065)

  - Schema parsing in the parquet-avro module of Apache Parquet 1.15.0 and previous versions allows bad actors     to execute arbitrary code. While 1.15.1 introduced a fix to restrict untrusted packages, the default     setting of trusted packages still allows malicious classes from these packages to be executed. The     exploit is only applicable if the client code of parquet-avro uses the 'specific' or the 'reflect'     models deliberately for reading Parquet files. ('generic' model is not impacted). (CVE-2025-46762)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Atlassian Jira Service Management Data Center and Server (Jira Service Desk) running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16207 advisory.

  - Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in     version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via     SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native     crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of     the native SSLEngine or change the code manually. (CVE-2025-24970)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of Atlassian Confluence Server running on the remote host is affected by a denial of service vulnerability as referenced in the CONFSERVER-99540 advisory.

  - Netty, an asynchronous, event-driven network application framework, has a vulnerability starting in     version 4.1.91.Final and prior to version 4.1.118.Final. When a special crafted packet is received via     SslHandler it doesn't correctly handle validation of such a packet in all cases which can lead to a native     crash. Version 4.1.118.Final contains a patch. As workaround its possible to either disable the usage of     the native SSLEngine or change the code manually. (CVE-2025-24970)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4550 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.22 serves as a     replacement for Red Hat JBoss Enterprise Application Platform 7.4.21, and includes bug fixes and     enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.22 Release Notes for information     about the most significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash     when using native SSLEngine (CVE-2025-24970)

    * io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)

    * netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)

    * org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4549 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.22 serves as a     replacement for Red Hat JBoss Enterprise Application Platform 7.4.21, and includes bug fixes and     enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.22 Release Notes for information     about the most significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash     when using native SSLEngine (CVE-2025-24970)

    * io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)

    * netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)

    * org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)     For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4548 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.22 serves as a     replacement for Red Hat JBoss Enterprise Application Platform 7.4.21, and includes bug fixes and     enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.22 Release Notes for information     about the most significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash     when using native SSLEngine (CVE-2025-24970)

    * io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)

    * netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)

    * org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Coherence installed on the remote host is affected by a vulnerability as referenced in the April 2025 CPU advisory.

  - Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Third Party     (Netty)). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily     exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise     Oracle Coherence. Successful attacks of this vulnerability can result in unauthorized ability to cause     a hang or frequently repeatable crash (complete DOS) of Oracle Coherence. (CVE-2025-24970, CVE-2025-25193)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3465 advisory.

    Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly     application runtime.

    This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.4.

    Security Fix(es):

    * io.netty/netty: Denial of Service attack on windows app using Netty (CVE-2024-47535)

    * netty-common: Denial of Service attack on windows app using Netty (CVE-2025-25193)

    * io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash     when using native SSLEngine (CVE-2025-24970)

    * org.wildfly.core/wildfly-server: Wildfly improper RBAC permission (CVE-2025-23367)

    A Red Hat Security Bulletin which addresses further details about this flaw is available in the References     section.

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:3357 advisory.

    Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly     application runtime.

    This asynchronous patch is an update for Red Hat JBoss Enterprise Application Platform 8.0. See Release     Notes for information about the most     significant bug fixes and enhancements included in this release.

    Security Fix(es):

    * org.jboss.narayana-narayana-all: deadlock via multiple join requests sent to LRA Coordinator [eap-8.0.z]     (CVE-2024-8447)

    * io.netty/netty: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2024-47535)

    * io.netty/netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash     when using native SSLEngine [eap-8.0.z] (CVE-2025-24970)

    * netty-common: Denial of Service attack on windows app using Netty [eap-8.0.z] (CVE-2025-25193)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0590-1 advisory.

    - CVE-2025-24970: incorrect validation of packets by SslHandler can lead to a native crash. (bsc#1237037)
    - CVE-2025-25193: unsafe reading of environment files can lead to an application crash. (bsc#1237038)

    Update to netty version 4.1.118 and netty-tcnative version 2.0.70 Final.

    Other fixes:

    - Fix recycling in CodecOutputList.
    - StreamBufferingEncoder: do not send header frame with priority by default.
    - Notify event loop termination future of unexpected exceptions.
    - Fix AccessControlException in GlobalEventExecutor.
    - AdaptivePoolingAllocator: round chunk sizes up and reduce chunk release frequency.
    - Support BouncyCastle FIPS for reading PEM files.
    - Dns: correctly encode DnsPtrRecord.
    - Provide Brotli settings without com.aayushatharva.brotli4j dependency.
    - Make DefaultResourceLeak more resilient against OOM.
    - OpenSslSession: add support to defensively check for peer certs.
    - SslHandler: ensure buffers are never leaked when wrap(...) produces SSLException.
    - Correcly handle comments appended to nameserver declarations.
    - PcapWriteHandler: apply fixes so that the handler can append to an existing PCAP file when writing the     global header.
    - PcapWriteHandler: allow output of PCAP files larger than 2GB.
    - Fix bugs in BoundedInputStream.
    - Fix HTTP header validation bug.
    - AdaptivePoolingAllocator: fix possible race condition in method offerToQueue(...).
    - AdaptivePoolingAllocator: make sure the sentinel object Magazine.MAGAZINE_FREED not be replaced.
    - Only try to use Zstd and Brotli if the native libs can be loaded.
    - Bump BlockHound version to 1.0.10.RELEASE.
    - Add details to TooLongFrameException message.
    - AdaptivePoolingAllocator: correctly reuse chunks.
    - AdaptivePoolingAllocator: don't fail when we run on a host with 1 core.
    - AdaptivePoolingAllocator: correctly re-use central queue chunks and avoid OOM issue.
    - Fix several memory management (leaks and missing checks) issues.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
242270	Oracle GoldenGate for Big Data Multiple Vulnerabilities 23.x < 23.9.0.25.07 (July 2025 CPU)	Nessus	Misc.	critical
237197	Atlassian Jira Service Management Data Center and Server 5.11.3 < 5.12.20 / < 5.12.22 / 5.13.x < 10.3.5 / 10.4.x < 10.6.0 (JSDSERVER-16207)	Nessus	Misc.	high
236969	Atlassian Confluence 7.19.x < 8.5.20 / 8.6.x < 9.2.2 / 9.3.x < 9.3.2 DoS (CONFSERVER-99540)	Nessus	CGI abuses	high
235384	RHEL 9 : Red Hat JBoss Enterprise Application Platform 7.4.22 (RHSA-2025:4550)	Nessus	Red Hat Local Security Checks	medium
235383	RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.4.22 (RHSA-2025:4549)	Nessus	Red Hat Local Security Checks	medium
235382	RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.22 (RHSA-2025:4548)	Nessus	Red Hat Local Security Checks	medium
234552	Oracle Coherence (April 2025 CPU)	Nessus	Misc.	high
233918	RHEL 7 / 8 / 9 : Red Hat JBoss Enterprise Application Platform 7.4.21 (RHSA-2025:3465)	Nessus	Red Hat Local Security Checks	medium
233543	RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0.6 (RHSA-2025:3357)	Nessus	Red Hat Local Security Checks	medium
216507	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : netty, netty-tcnative (SUSE-SU-2025:0590-1)	Nessus	SuSE Local Security Checks	medium

Detections

Analytics

CVE-2025-24970

high

Tenable Plugins

Coming Soon

critical

high

high

medium

medium

medium

high

medium

medium

medium