Package impact
Maven / io.netty:netty-codec-http2
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-42587 | high | 7.5 | 7.5 | 15d ago | Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy leads to decompression bomb DoS | |
| CVE-2021-21409 | medium | — | 5.5 | 5y ago | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http… | |
| CVE-2021-21295 | medium | — | 5.5 | 5y ago | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http… |