Package impact
Maven / io.netty:netty-codec
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-37137 | high | — | 8.0 | 5y ago | SnappyFrameDecoder doesn't restrict chunk length any may buffer skippable chunks in an unnecessary way | |||
| CVE-2021-37136 | high | — | 8.0 | 5y ago | Bzip2Decoder doesn't allow setting size restrictions for decompressed data | |||
| CVE-2026-42583 | high | 7.5 | 7.5 | 17d ago | Netty Lz4FrameDecoder is vulnerable to resource exhaustion | |||
| CVE-2025-58057 | unknown | — | — | 9mo ago | Netty's decoders vulnerable to DoS via zip bomb style attack |