194 matches found
ROOT-APP-MAVEN-CVE-2026-42580 CVE-2026-42580 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-42580 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42579 CVE-2026-42579 in io.root.io.netty:netty-codec-dns - Patched by Root
Root has patched CVE-2026-42579 in the io.root.io.netty:netty-codec-dns package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42585 CVE-2026-42585 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-42585 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-33870 CVE-2026-33870 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-33870 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42581 CVE-2026-42581 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-42581 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2025-67735 CVE-2025-67735 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2025-67735 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42584 CVE-2026-42584 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-42584 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-41417 CVE-2026-41417 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-41417 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42583 CVE-2026-42583 in io.root.io.netty:netty-codec - Patched by Root
Root has patched CVE-2026-42583 in the io.root.io.netty:netty-codec package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42587 CVE-2026-42587 in io.root.io.netty:netty-codec-http - Patched by Root
Root has patched CVE-2026-42587 in the io.root.io.netty:netty-codec-http package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-33871 CVE-2026-33871 in io.root.io.netty:netty-codec-http2 - Patched by Root
Root has patched CVE-2026-33871 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...
CVE-2026-41207
The netty incubator codec.bhttp is a java language binary http parser. Prior to version 0.0.21.Final, HKDFexpand returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a...
ROOT-APP-MAVEN-CVE-2025-59419 CVE-2025-59419 in io.root.io.netty:netty-codec-smtp - Patched by Root
Root has patched CVE-2025-59419 in the io.root.io.netty:netty-codec-smtp package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2025-55163 CVE-2025-55163 in io.root.io.netty:netty-codec-http2 - Patched by Root
Root has patched CVE-2025-55163 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2025-58057 CVE-2025-58057 in io.root.io.netty:netty-codec - Patched by Root
Root has patched CVE-2025-58057 in the io.root.io.netty:netty-codec package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-GHSA-XPW8-RCWV-8F8P GHSA-xpw8-rcwv-8f8p in io.root.io.netty:netty-codec-http2 - Patched by Root
Root has patched GHSA-xpw8-rcwv-8f8p in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...
Security Bulletin: DevOps Test Performance contains vulnerabilities related to use of netty-codec-http
Summary Due to use of netty-codec-http, DevOps Test Performance and Rational Performance Tester contain potential resource exhaustion and denial-of-service DoS vulnerabilities Vulnerability Details CVEID:CVE-2025-58057 DESCRIPTION: Netty is an asynchronous event-driven network application framewo...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in netty-codec-http-4.1.132.Final.jar
Summary IBM Watson Discovery Cartridge affected by vulnerability in netty-codec-http-4.1.132.Final.jar Vulnerability Details CVEID:CVE-2026-41417 DESCRIPTION: Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is...
Security Bulletin: DevOps Test Performance contains a vulnerability related to use of netty-codec-http
Summary Due to use of netty-codec-http, DevOps Test Performance and Rational Performance Tester contain a potential CRLF injection vulnerability. Vulnerability Details CVEID:CVE-2026-41417 DESCRIPTION: Netty allows request-line validation to be bypassed when a DefaultHttpRequest or...
ai.spice:spiceai (=0.6.0), cn.isqing.icloud:icloud-common-utils (>=4.0.3-M1 <=4.0.3.1) +362 more potentially affected by CVE-2026-44248 via io.netty:netty-codec-mqtt (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-mqtt MAVEN version =4.2.0.Alpha1, =4.0.3-M1, =1.21.9, =3.4.7, =25.4.1, =26.2.1, =7.9.0, =5.1.0, =5.1.0, =6.80, =0.2.2, =0.2.4 and more Source cves: CVE-2026-44248 Source advisory: SNYK:JAVA-IONETTY-16439015...