VIR Vulnerability Intelligence Relay

Package impact

java Maven / io.netty:netty-codec-http

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2026-42581 critical 9.8 9.8 15d ago Netty HTTP/1.0 TE+CL Coexistence Bypasses Smuggling Sanitization susedebianjava
CVE-2026-42584 critical 9.1 9.1 15d ago Netty has HttpClientCodec response desynchronization susedebianjava
CVE-2026-33870 unknown 2mo ago Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing susedebianjava
CVE-2025-67735 unknown 5mo ago Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder susedebianjava
CVE-2025-58056 unknown 9mo ago Netty vulnerable to request smuggling due to incorrect parsing of chunk extensions debianjava
CVE-2024-29025 unknown 2y ago Netty's HttpPostRequestDecoder can OOM susedebianjava
CVE-2022-41915 unknown 4y ago Netty vulnerable to HTTP Response splitting from assigning header value iterator susedebianjava
CVE-2019-20444 unknown 6y ago HTTP Request Smuggling in Netty susedebianjava