Package impact
Maven / io.netty:netty-codec-http
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42587 | high | 7.5 | 7.5 | 16d ago | Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy leads to decompression bomb DoS | |||
| CVE-2026-42585 | high | 7.5 | 7.5 | 16d ago | Netty vulnerable to HTTP Request Smuggling due to malformed Transfer-Encoding |