MGASA-2021-0136

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2021-21290

Published: 14 Mar 2021, 21:20

Last modified:16 Apr 2026, 04:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

14 Mar 2021, 21:20

Published

Vulnerability first disclosed

16 Apr 2026, 04:25

Last Modified

Vulnerability information updated

Description

Updated netty packages fix a security vulnerability When netty's multipart decoders are used local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled (CVE-2021-21290).

Affected Systems

mageia•netty
< 4.1.51-1.1.mga8

References (3)

https://advisories.mageia.org/MGASA-2021-0136.html
https://bugs.mageia.org/show_bug.cgi?id=28446
https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2