Threats Tagged 'cve-2025-11966'
View all threats tagged with 'cve-2025-11966'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2025-11966'
Click on any threat for detailed analysis and mitigation recommendations
Red Hat Security Advisory: Streams for Apache Kafka 3.1.0 release and security updateCVE-2024-56128 0 Red Hat Streams for Apache Kafka, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat Streams for Apache Kafka 3.1.0 serves as a replacement for Red Hat Streams for Apache Kafka 3.0.1, and includes security and bug fixes, and enhancements. Security Fix(es): * Apache Kafka, Drain Cleaner, Bridge, Cruise Conreol, Proxy, Console: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack"(CVE-2025-58057)" * Apache Kafka, Proxy: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions"(CVE-2025-58056)" * Apache Kafka, Bridge, Drain Cleaner, Cruise Control, Console: Netty MadeYouReset HTTP/2 DDoS Vulnerability ("CVE-2025-55163") * Apache Kafka: org.apache.commons:commons-lang3 : Uncontrolled Recursion("CVE-2025-48924") * Drain Cleaner: io.quarkus:quarkus-resteasy: Memory Leak in Quarkus RESTEasy Classic When Client Requests Timeout("CVE-2025-1634") * Drain Cleaner, Console: Data leak vulnerability in io.quarkus:quarkus-vertx package ("CVE-2025-49574") * Cruise Control: org.apache.kafka/kafka_2.13: Apache Kafka: SCRAM authentication vulnerable to replay attacks when used without encryption (" CVE-2024-56128") * Cruise Control: org.apache.kafka: Kafka Client Arbitrary File Read SSRF("CVE-2025-27817") * Cruise Control: Kafka Clients Vulnerabiliy("CVE-2025-27819") * Cruise Control: Kafka Clients Vulnerabiliy("CVE-2025-27818") * Cruise Control, Console: io.vertx/vertx-core: Eclipse Vert.x Access Control Flaw ("CVE-2025-11965") * Cruise Control, Console: Vertx - Cross-site scripting (XSS) vulnerability ("CVE-2025-11966") Join the discussion | GCVE Database | 12/16/2025, 23:13:43 UTC Added: 06/10/2026, 11:41:47 UTC |
Red Hat Security Advisory: Red Hat build of Quarkus 3.27.1.SP1 security updateCVE-2025-11966 0 Red Hat has released a security update for its build of Quarkus 3.27.1.SP1 addressing three vulnerabilities: two in lz4-java involving information disclosure and denial of service via out-of-bounds memory operations, and one in vertx-web involving cross-site scripting. These issues are rated as important by Red Hat. The update is intended to fix these vulnerabilities and users are advised to apply it after ensuring all previous errata are installed. Join the discussion | GCVE Database | 01/06/2026, 13:22:25 UTC Added: 05/26/2026, 20:58:50 UTC |
Red Hat Security Advisory: Red Hat build of Quarkus 3.20.4.SP1 security updateCVE-2025-11966 0 Red Hat has released a security update for Red Hat build of Quarkus 3.20.4.SP1 addressing three vulnerabilities: two in lz4-java involving information disclosure and denial of service via out-of-bounds memory operations, and one cross-site scripting vulnerability in Eclipse Vert.x web component. The update is rated as important by Red Hat Product Security. Users should apply this update after ensuring all previous errata are installed. Join the discussion | GCVE Database | 01/06/2026, 13:12:23 UTC Added: 05/26/2026, 20:58:50 UTC |
Showing 1 to 3 of 3 results