netty

Top products

The 15 most recently published vulnerabilities affecting netty.

• CVE-2026-50560Netty susceptible to HTTP/2 Reset Attack with different on-the-wire signature5.3Jun 12, 2026
• CVE-2026-50020Netty's HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted5.3Jun 12, 2026
• CVE-2026-50011Netty has unbounded pre-allocation in RedisArrayAggregator from RESP array length7.5Jun 12, 2026
• CVE-2026-50010Netty's wrapping plain trust manager silently disables hostname verification7.5Jun 12, 2026
• CVE-2026-50009Netty QUIC stateless reset token material exposed through header-visible connection IDs4.8Jun 12, 2026
• CVE-2026-48748Netty HTTP/3 QPACK Blocked Streams Memory Exhaustion7.5Jun 12, 2026
• CVE-2026-48059Netty HAProxy: Unbalanced Reference Count in Nested PP2_TYPE_SSL TLV Parsing Leads to Memory Exhaustion7.5Jun 12, 2026
• CVE-2026-48043netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion5.3Jun 12, 2026
• CVE-2026-48006Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator7.5Jun 12, 2026
• CVE-2026-47691Netty has Insufficient Bailiwick Validation for NS Records8.7Jun 12, 2026
• CVE-2026-47244Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced5.3Jun 12, 2026
• CVE-2026-46340Netty: SCTP reassembly nests buffers without bound7.5Jun 12, 2026
• CVE-2026-45674Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records8.7Jun 12, 2026
• CVE-2026-45673Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port6.8Jun 12, 2026
• CVE-2026-45536Netty: Unix-socket fd receive leaks descriptors when peer sends two at once4.0Jun 12, 2026