io.netty:netty-codec-http vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-50020Mediumio.netty:netty-codec-http: Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF…CVE-2026-42587Highio.netty:netty-codec-http: Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy…CVE-2026-42585Mediumio.netty:netty-codec-http: Netty vulnerable to HTTP Request Smuggling due to malformed Transfer-EncodingCVE-2026-42584Highio.netty:netty-codec-http: Netty has HttpClientCodec response desynchronizationCVE-2026-42581Mediumio.netty:netty-codec-http: Netty HTTP/1.0 TE+CL Coexistence Bypasses Smuggling SanitizationCVE-2026-42580Mediumio.netty:netty-codec-http: Netty vulnerable to HTTP Request Smuggling due to incorrect chunk size parsingCVE-2026-41417Mediumio.netty:netty-codec-http: Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP…CVE-2026-33870Highio.netty:netty-codec-http: Netty: HTTP Request Smuggling via Chunked Extension Quoted-String ParsingCVE-2025-67735Mediumio.netty:netty-codec-http: Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoderCVE-2025-58056Lowio.netty:netty-codec-http: Netty vulnerable to request smuggling due to incorrect parsing of chunk extensionsCVE-2024-29025Mediumio.netty:netty-codec-http: Netty's HttpPostRequestDecoder can OOMCVE-2022-41915Mediumio.netty:netty-codec-http: Netty vulnerable to HTTP Response splitting from assigning header value iteratorCVE-2022-24823Mediumio.netty:netty-codec-http: Local Information Disclosure Vulnerability in io.netty:netty-codec-httpCVE-2021-43797Mediumio.netty:netty-codec-http: HTTP request smuggling in nettyCVE-2021-21290Mediumio.netty:netty-codec-http: Local Information Disclosure Vulnerability in Netty on Unix-Like systemsCVE-2019-20444Criticalorg.jboss.netty:netty: HTTP Request Smuggling in Netty

Stop the waste.
Protect your environment with Kodem.