Withdrawn Advisory: Netty vulnerability included in redis lettuce
Note: i'm reporting this in this way purely because it's private and i don't want to broadcast vulnerabilities. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.