Lucene search
K

4 matches found

NVD
NVD
added 2026/05/13 7:17 p.m.11 views

CVE-2026-42584

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103,...

9.1CVSS0.0075EPSS
Exploits1References10
OSV
OSV
added 2026/05/13 7:17 p.m.7 views

UBUNTU-CVE-2026-42584

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103,...

9.1CVSS5.8AI score0.0075EPSS
Exploits1References4
OSV
OSV
added 2026/05/13 6:10 p.m.2 views

CVE-2026-42584 Netty: HttpClientCodec response desynchronization

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD and the server sends 103,...

7.3CVSS6.8AI score0.0075EPSS
Exploits1References12
Github Security Blog
Github Security Blog
added 2026/05/07 12:21 a.m.14 views

Netty has HttpClientCodec response desynchronization

Summary If HttpClientCodec is configured, there are use cases when a response body from one request, can be parsed as another's. Details HttpClientCodec pairs each inbound response with an outbound request by queue.poll once per response, including for 1xx. If the client pipelines GET then HEAD a...

9.1CVSS5.8AI score0.0075EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder