CLEANSTART-2026-CQ39708

Import Source

https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-CQ39708.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLEANSTART-2026-CQ39708

Upstream

CVE-2024-45993

CVE-2025-31344

CVE-2025-48924

CVE-2026-26740

CVE-2026-33210

CVE-2026-33870

ghsa-33mh-2634-fwr2

ghsa-3m6g-2423-7cp3

ghsa-72hv-8253-57qq

ghsa-j288-q9x7-2f5v

ghsa-j4pr-3wm6-xx2r

ghsa-pwqr-wmgm-9rr8

ghsa-wx95-c6cv-8532

Published

2026-04-09T00:53:38.262441Z

Modified

2026-04-09T11:17:23.574090Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Netty is an asynchronous, event-driven network application framework

Details

Multiple security vulnerabilities affect the logstash-fips package. Netty is an asynchronous, event-driven network application framework. See references for individual vulnerability details.

References

Affected packages

CleanStart / logstash-fips

Package

Name: logstash-fips

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

9.3.1-r0

Database specific

source

"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-CQ39708.json"