9 matches found
ROOT-APP-MAVEN-CVE-2026-42584 CVE-2026-42584 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-42584 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition
Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.12.0 Vulnerability Details CVEID:CVE-2026-42578 DESCRIPTION: Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandl...
CVE-2026-42584
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103,...
CVE-2026-42584 vulnerabilities
Vulnerabilities for packages: flyway, logstash, trino, docker-selenium, kserve-modelmesh, opensearch, akhq, management-api-for-apache-cassandra-5.0, zipkin, apache-activemq-artemis, tez, strimzi-kafka-operator, apicurio-registry, selenium, apache-pulsar, thingsboard, apache-nifi-registry,...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +23809 more potentially affected by CVE-2026-42584 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.132.Final)
io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +23809 more potentially affected by CVE-2026-42584 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.132.Final)
io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2921 more potentially affected by CVE-2026-42584 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42584 Source advisory: SNYK:JAVA-IONETTY-16438923...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2921 more potentially affected by CVE-2026-42584 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42584 Source advisory: OSV:GHSA-57RV-R2G8-2CJ3...
CVE-2026-42584
creationtimestamp| type| source ---|---|--- 2026-05-05 18:11:31+00:00| published-proof-of-concept| https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3...