CVE-2026-48059 Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

PT-2021-17973 · Rust +6 · Rust +6

Name of the Vulnerable Software and Affected Versions: Rust versions prior to 1.51.0 Description: The issue arises from the Zip implementation in the standard library, which calls iterator get unchecked for the same index more than once when nested. This can lead to a memory safety violation due ...