{"id":"USN-8401-1","summary":"netty vulnerabilities","details":"It was discovered that Netty's HTTP proxy handler did not properly\nvalidate headers when constructing CONNECT requests. An\nattacker could possibly use this issue to inject arbitrary HTTP\nheaders into CONNECT requests. This issue only affected Ubuntu\n18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,\nand Ubuntu 26.04 LTS. (CVE-2026-42578)\n\nIt was discovered that Netty's DNS codec did not properly enforce\ndomain name constraints. An attacker could possibly use this issue to\nbypass domain name validation, or cause Netty to consume resources,\nleading to a denial of service. This issue only affected Ubuntu 20.04\nLTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS.\n(CVE-2026-42579)\n\nIt was discovered that Netty did not correctly handle HTTP/1.0\nrequests containing both a Transfer-Encoding and Content-Length\nheader. A remote attacker could possibly use this issue to perform\nHTTP request smuggling attacks. (CVE-2026-42581)\n\nVioleta Georgieva discovered that Netty incorrectly paired responses with\nrequests when handling informational HTTP responses. A remote attacker\ncould possibly use this issue to perform HTTP request smuggling attacks.\n(CVE-2026-42584)\n\nVioleta Georgieva discovered that Netty incorrectly parsed malformed\nTransfer-Encoding headers. A remote attacker could possibly use this\nissue to perform HTTP request smuggling attacks. (CVE-2026-42585)\n\nIt was discovered that Netty's Redis encoder did not validate CRLF\ncharacters. An attacker could possibly use this issue to inject arbitrary\nRedis commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS.\n(CVE-2026-42586)","modified":"2026-06-08T23:14:13.858821461Z","published":"2026-06-08T13:38:28Z","related":["UBUNTU-CVE-2026-42578","UBUNTU-CVE-2026-42579","UBUNTU-CVE-2026-42581","UBUNTU-CVE-2026-42584","UBUNTU-CVE-2026-42585","UBUNTU-CVE-2026-42586"],"upstream":["CVE-2026-42578","CVE-2026-42579","CVE-2026-42581","CVE-2026-42584","CVE-2026-42585","CVE-2026-42586","UBUNTU-CVE-2026-42578","UBUNTU-CVE-2026-42579","UBUNTU-CVE-2026-42581","UBUNTU-CVE-2026-42584","UBUNTU-CVE-2026-42585","UBUNTU-CVE-2026-42586"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8401-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-42578"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-42579"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-42581"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-42584"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-42585"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-42586"}],"affected":[{"package":{"name":"netty","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/netty?arch=source&distro=esm-infra-legacy%2Ftrusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:3.2.6.Final-2+deb8u2ubuntu0.1~esm1"}]}],"versions":["1:3.2.6.Final-2","1:3.2.6.Final-2+deb8u2build0.14.04.1~esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_version":"1:3.2.6.Final-2+deb8u2ubuntu0.1~esm1","binary_name":"libnetty-java"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8401-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[{"id":"CVE-2026-42581","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42584","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42585","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"netty","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/netty?arch=source&distro=esm-apps-legacy%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.0.34-1ubuntu0.1~esm4"}]}],"versions":["1:3.2.6.Final-2","1:4.0.32-1","1:4.0.33-1","1:4.0.34-1","1:4.0.34-1ubuntu0.1~esm1","1:4.0.34-1ubuntu0.1~esm2","1:4.0.34-1ubuntu0.1~esm3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_version":"1:4.0.34-1ubuntu0.1~esm4","binary_name":"libnetty-java"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8401-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:16.04:LTS","cves":[{"id":"CVE-2026-42581","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42584","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42585","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"netty","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/netty?arch=source&distro=esm-apps%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.7-4ubuntu0.1+esm6"}]}],"versions":["1:4.1.7-4","1:4.1.7-4ubuntu0.1~esm1","1:4.1.7-4ubuntu0.1","1:4.1.7-4ubuntu0.1+esm1","1:4.1.7-4ubuntu0.1+esm2","1:4.1.7-4ubuntu0.1+esm3","1:4.1.7-4ubuntu0.1+esm4","1:4.1.7-4ubuntu0.1+esm5"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1:4.1.7-4ubuntu0.1+esm6","binary_name":"libnetty-java"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8401-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:18.04:LTS","cves":[{"id":"CVE-2026-42578","severity":[{"score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P","type":"CVSS_V4"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42581","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42584","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42585","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42586","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"netty","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/netty?arch=source&distro=esm-apps%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.45-1ubuntu0.1~esm6"}]}],"versions":["1:4.1.33-1","1:4.1.33-2","1:4.1.33-3","1:4.1.45-1","1:4.1.45-1ubuntu0.1~esm1","1:4.1.45-1ubuntu0.1~esm2","1:4.1.45-1ubuntu0.1~esm3","1:4.1.45-1ubuntu0.1~esm4"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"libnetty-java","binary_version":"1:4.1.45-1ubuntu0.1~esm6"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8401-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:20.04:LTS","cves":[{"id":"CVE-2026-42578","severity":[{"score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P","type":"CVSS_V4"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42579","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42581","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42584","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42585","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42586","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"netty","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/netty?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.48-4+deb11u2ubuntu0.1+esm3"}]}],"versions":["1:4.1.48-4","1:4.1.48-4+deb11u1build0.22.04.1","1:4.1.48-4+deb11u2build0.22.04.1","1:4.1.48-4+deb11u2ubuntu0.1~esm1","1:4.1.48-4+deb11u2ubuntu0.1~esm2","1:4.1.48-4+deb11u2ubuntu0.1","1:4.1.48-4+deb11u2ubuntu0.1+esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"libnetty-java","binary_version":"1:4.1.48-4+deb11u2ubuntu0.1+esm3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8401-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:22.04:LTS","cves":[{"id":"CVE-2026-42578","severity":[{"score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P","type":"CVSS_V4"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42579","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42581","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42584","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42585","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42586","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"netty","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/netty?arch=source&distro=esm-apps%2Fnoble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.48-9ubuntu0.1+esm3"}]}],"versions":["1:4.1.48-7","1:4.1.48-8","1:4.1.48-9","1:4.1.48-9ubuntu0.1~esm1","1:4.1.48-9ubuntu0.1~esm2","1:4.1.48-9ubuntu0.1","1:4.1.48-9ubuntu0.1+esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1:4.1.48-9ubuntu0.1+esm3","binary_name":"libnetty-java"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8401-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:24.04:LTS","cves":[{"id":"CVE-2026-42578","severity":[{"score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P","type":"CVSS_V4"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42579","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42581","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42584","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42585","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42586","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}},{"package":{"name":"netty","ecosystem":"Ubuntu:Pro:26.04:LTS","purl":"pkg:deb/ubuntu/netty?arch=source&distro=esm-apps%2Fresolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:4.1.48-16ubuntu0.1~esm2"}]}],"versions":["1:4.1.48-10","1:4.1.48-11","1:4.1.48-12","1:4.1.48-13","1:4.1.48-14","1:4.1.48-16"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1:4.1.48-16ubuntu0.1~esm2","binary_name":"libnetty-buffer-java"},{"binary_name":"libnetty-common-java","binary_version":"1:4.1.48-16ubuntu0.1~esm2"},{"binary_version":"1:4.1.48-16ubuntu0.1~esm2","binary_name":"libnetty-java"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8401-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:26.04:LTS","cves":[{"id":"CVE-2026-42578","severity":[{"score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P","type":"CVSS_V4"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42579","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42581","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42584","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42585","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2026-42586","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}]}]}}}],"schema_version":"1.7.5"}