Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/io.netty/netty-codec-http@4.1.70.Final

Type maven

Namespace io.netty

Name netty-codec-http

Version 4.1.70.Final

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.1.133.Final

Latest_non_vulnerable_version 4.2.13.Final

Affected_by_vulnerabilities

url VCID-1e5n-j1mz-bkdp

vulnerability_id VCID-1e5n-j1mz-bkdp

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42580.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42580.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42580

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.04082
published_at	2026-06-11T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.041
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42580

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42580
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42580

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-42580

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-42580

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914
reference_id	1139914
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477214
reference_id	2477214
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477214

reference_url

https://github.com/advisories/GHSA-m4cv-j2px-7723

reference_id

GHSA-m4cv-j2px-7723

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-m4cv-j2px-7723

reference_url

https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723

reference_id

GHSA-m4cv-j2px-7723

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-14T18:21:08Z/

url

https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723

fixed_packages

url	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
purl	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final

url	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
purl	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final

aliases CVE-2026-42580, GHSA-m4cv-j2px-7723

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1e5n-j1mz-bkdp

url VCID-67qx-dgmf-cyfw

vulnerability_id VCID-67qx-dgmf-cyfw

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42585.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42585.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42585

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01682
published_at	2026-06-12T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01679
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42585

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42585
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42585

reference_url

https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-42585

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-42585

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914
reference_id	1139914
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477227
reference_id	2477227
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477227

reference_url

https://github.com/advisories/GHSA-38f8-5428-x5cv

reference_id

GHSA-38f8-5428-x5cv

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-38f8-5428-x5cv

reference_url

https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv

reference_id

GHSA-38f8-5428-x5cv

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-15T20:33:59Z/

url

https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv

reference_url	https://usn.ubuntu.com/8401-1/
reference_id	USN-8401-1
reference_type
scores
url	https://usn.ubuntu.com/8401-1/

fixed_packages

url	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
purl	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final

url	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
purl	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final

aliases CVE-2026-42585, GHSA-38f8-5428-x5cv

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67qx-dgmf-cyfw

url VCID-7t77-fbgp-dqhg

vulnerability_id VCID-7t77-fbgp-dqhg

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43797.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43797.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-43797

reference_id

reference_type

scores

value	0.00381
scoring_system	epss
scoring_elements	0.60084
published_at	2026-06-13T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.60072
published_at	2026-06-12T12:55:00Z

value	0.00381
scoring_system	epss
scoring_elements	0.59964
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-43797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323

reference_url

https://github.com/netty/netty/pull/11891

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty/pull/11891

reference_url

https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html

reference_url

https://security.netapp.com/advisory/ntap-20220107-0003

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20220107-0003

reference_url	https://security.netapp.com/advisory/ntap-20220107-0003/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20220107-0003/

reference_url

https://www.debian.org/security/2023/dsa-5316

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.debian.org/security/2023/dsa-5316

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001437
reference_id	1001437
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001437

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2031958
reference_id	2031958
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2031958

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-43797

reference_id

CVE-2021-43797

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-43797

reference_url

https://github.com/advisories/GHSA-wx5j-54mm-rqqq

reference_id

GHSA-wx5j-54mm-rqqq

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-wx5j-54mm-rqqq

reference_url

https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq

reference_id

GHSA-wx5j-54mm-rqqq

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq

reference_url	https://access.redhat.com/errata/RHSA-2022:0520
reference_id	RHSA-2022:0520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0520

reference_url	https://access.redhat.com/errata/RHSA-2022:1345
reference_id	RHSA-2022:1345
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1345

reference_url	https://access.redhat.com/errata/RHSA-2022:2216
reference_id	RHSA-2022:2216
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2216

reference_url	https://access.redhat.com/errata/RHSA-2022:2217
reference_id	RHSA-2022:2217
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2217

reference_url	https://access.redhat.com/errata/RHSA-2022:2218
reference_id	RHSA-2022:2218
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2218

reference_url	https://access.redhat.com/errata/RHSA-2022:4623
reference_id	RHSA-2022:4623
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4623

reference_url	https://access.redhat.com/errata/RHSA-2022:4918
reference_id	RHSA-2022:4918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4918

reference_url	https://access.redhat.com/errata/RHSA-2022:4919
reference_id	RHSA-2022:4919
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4919

reference_url	https://access.redhat.com/errata/RHSA-2022:4922
reference_id	RHSA-2022:4922
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:4922

reference_url	https://access.redhat.com/errata/RHSA-2022:5101
reference_id	RHSA-2022:5101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5101

reference_url	https://access.redhat.com/errata/RHSA-2022:5498
reference_id	RHSA-2022:5498
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5498

reference_url	https://access.redhat.com/errata/RHSA-2022:5532
reference_id	RHSA-2022:5532
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5532

reference_url	https://access.redhat.com/errata/RHSA-2022:5903
reference_id	RHSA-2022:5903
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5903

reference_url	https://access.redhat.com/errata/RHSA-2022:6782
reference_id	RHSA-2022:6782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6782

reference_url	https://access.redhat.com/errata/RHSA-2022:6783
reference_id	RHSA-2022:6783
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6783

reference_url	https://access.redhat.com/errata/RHSA-2022:6787
reference_id	RHSA-2022:6787
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6787

reference_url	https://access.redhat.com/errata/RHSA-2022:7409
reference_id	RHSA-2022:7409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7409

reference_url	https://access.redhat.com/errata/RHSA-2022:7410
reference_id	RHSA-2022:7410
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7410

reference_url	https://access.redhat.com/errata/RHSA-2022:7411
reference_id	RHSA-2022:7411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7411

reference_url	https://access.redhat.com/errata/RHSA-2022:7417
reference_id	RHSA-2022:7417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:7417

reference_url	https://usn.ubuntu.com/6049-1/
reference_id	USN-6049-1
reference_type
scores
url	https://usn.ubuntu.com/6049-1/

fixed_packages

url	pkg:maven/io.netty/netty-codec-http@4.1.71
purl	pkg:maven/io.netty/netty-codec-http@4.1.71
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.71

url pkg:maven/io.netty/netty-codec-http@4.1.71.Final

purl pkg:maven/io.netty/netty-codec-http@4.1.71.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e5n-j1mz-bkdp

vulnerability	VCID-67qx-dgmf-cyfw

vulnerability	VCID-927x-629d-tba4

vulnerability	VCID-c8j1-p9ec-gyds

vulnerability	VCID-e2s5-my34-4fbm

vulnerability	VCID-jbav-4q5e-3bf3

vulnerability	VCID-n286-n1m7-cyc8

vulnerability	VCID-t1gp-2zmz-57a9

vulnerability	VCID-w86r-pvjq-57cf

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.71.Final

aliases CVE-2021-43797, GHSA-wx5j-54mm-rqqq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7t77-fbgp-dqhg

url VCID-927x-629d-tba4

vulnerability_id VCID-927x-629d-tba4

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33870.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33870.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-33870

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.08405
published_at	2026-06-11T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.08446
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-33870

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33870
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33870

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-33870

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-33870

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132229
reference_id	1132229
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132229

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2452453
reference_id	2452453
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2452453

reference_url

https://w4ke.info/2025/10/29/funky-chunks-2.html

reference_id

funky-chunks-2.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/

url

https://w4ke.info/2025/10/29/funky-chunks-2.html

reference_url

https://w4ke.info/2025/06/18/funky-chunks.html

reference_id

funky-chunks.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/

url

https://w4ke.info/2025/06/18/funky-chunks.html

reference_url

https://github.com/advisories/GHSA-pwqr-wmgm-9rr8

reference_id

GHSA-pwqr-wmgm-9rr8

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-pwqr-wmgm-9rr8

reference_url

https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8

reference_id

GHSA-pwqr-wmgm-9rr8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/

url

https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8

reference_url

https://www.rfc-editor.org/rfc/rfc9110

reference_id

rfc9110

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/

url

https://www.rfc-editor.org/rfc/rfc9110

reference_url	https://access.redhat.com/errata/RHSA-2026:10175
reference_id	RHSA-2026:10175
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10175

reference_url	https://access.redhat.com/errata/RHSA-2026:10184
reference_id	RHSA-2026:10184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:10184

reference_url	https://access.redhat.com/errata/RHSA-2026:13571
reference_id	RHSA-2026:13571
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:13571

reference_url	https://access.redhat.com/errata/RHSA-2026:14272
reference_id	RHSA-2026:14272
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14272

reference_url	https://access.redhat.com/errata/RHSA-2026:14276
reference_id	RHSA-2026:14276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:14276

reference_url	https://access.redhat.com/errata/RHSA-2026:17668
reference_id	RHSA-2026:17668
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17668

reference_url	https://access.redhat.com/errata/RHSA-2026:17789
reference_id	RHSA-2026:17789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:17789

reference_url	https://access.redhat.com/errata/RHSA-2026:18054
reference_id	RHSA-2026:18054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18054

reference_url	https://access.redhat.com/errata/RHSA-2026:18055
reference_id	RHSA-2026:18055
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18055

reference_url	https://access.redhat.com/errata/RHSA-2026:18059
reference_id	RHSA-2026:18059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:18059

reference_url	https://access.redhat.com/errata/RHSA-2026:22619
reference_id	RHSA-2026:22619
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:22619

reference_url	https://access.redhat.com/errata/RHSA-2026:7109
reference_id	RHSA-2026:7109
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7109

reference_url	https://access.redhat.com/errata/RHSA-2026:7380
reference_id	RHSA-2026:7380
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:7380

reference_url	https://access.redhat.com/errata/RHSA-2026:8159
reference_id	RHSA-2026:8159
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8159

reference_url	https://access.redhat.com/errata/RHSA-2026:8509
reference_id	RHSA-2026:8509
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:8509

fixed_packages

url pkg:maven/io.netty/netty-codec-http@4.1.132.Final

purl pkg:maven/io.netty/netty-codec-http@4.1.132.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e5n-j1mz-bkdp

vulnerability	VCID-67qx-dgmf-cyfw

vulnerability	VCID-e2s5-my34-4fbm

vulnerability	VCID-jbav-4q5e-3bf3

vulnerability	VCID-n286-n1m7-cyc8

vulnerability	VCID-t1gp-2zmz-57a9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.132.Final

url pkg:maven/io.netty/netty-codec-http@4.2.10.Final

purl pkg:maven/io.netty/netty-codec-http@4.2.10.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e5n-j1mz-bkdp

vulnerability	VCID-67qx-dgmf-cyfw

vulnerability	VCID-e2s5-my34-4fbm

vulnerability	VCID-jbav-4q5e-3bf3

vulnerability	VCID-n286-n1m7-cyc8

vulnerability	VCID-t1gp-2zmz-57a9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.10.Final

aliases CVE-2026-33870, GHSA-pwqr-wmgm-9rr8

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-927x-629d-tba4

url VCID-c8j1-p9ec-gyds

vulnerability_id VCID-c8j1-p9ec-gyds

summary Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts standalone newline characters (LF) as a chunk-size line terminator, regardless of a preceding carriage return (CR), instead of requiring CRLF per HTTP/1.1 standards. When combined with reverse proxies that parse LF differently (treating it as part of the chunk extension), attackers can craft requests that the proxy sees as one request but Netty processes as two, enabling request smuggling attacks. This is fixed in versions 4.1.125.Final and 4.2.5.Final.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58056.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58056.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-58056

reference_id

reference_type

scores

value	0.00097
scoring_system	epss
scoring_elements	0.26958
published_at	2026-06-12T12:55:00Z

value	0.00097
scoring_system	epss
scoring_elements	0.26757
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-58056

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58056

reference_url

https://github.com/github/advisory-database/pull/6092

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/github/advisory-database/pull/6092

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2025-58056

reference_id

reference_type

scores

value	LOW
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2025-58056

reference_url

https://github.com/JLLeitschuh/unCVEed/issues/1

reference_id

reference_type

scores

value	2.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/

url

https://github.com/JLLeitschuh/unCVEed/issues/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113995
reference_id	1113995
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113995

reference_url

https://github.com/netty/netty/issues/15522

reference_id

15522

reference_type

scores

value	2.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/

url

https://github.com/netty/netty/issues/15522

reference_url

https://github.com/netty/netty/pull/15611

reference_id

15611

reference_type

scores

value	2.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/

url

https://github.com/netty/netty/pull/15611

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2392996
reference_id	2392996
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2392996

reference_url

https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284

reference_id

edb55fd8e0a3bcbd85881e423464f585183d1284

reference_type

scores

value	2.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/

url

https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284

reference_url

https://w4ke.info/2025/06/18/funky-chunks.html

reference_id

funky-chunks.html

reference_type

scores

value	2.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/

url

https://w4ke.info/2025/06/18/funky-chunks.html

reference_url	https://github.com/advisories/GHSA-fghv-69vj-qj49
reference_id	GHSA-fghv-69vj-qj49
reference_type
scores
url	https://github.com/advisories/GHSA-fghv-69vj-qj49

reference_url

https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49

reference_id

GHSA-fghv-69vj-qj49

reference_type

scores

value	2.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/

url

https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49

reference_url

https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding

reference_id

rfc9112#name-chunked-transfer-coding

reference_type

scores

value	2.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

value	LOW
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/

url

https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding

reference_url	https://access.redhat.com/errata/RHSA-2025:17187
reference_id	RHSA-2025:17187
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17187

reference_url	https://access.redhat.com/errata/RHSA-2025:17298
reference_id	RHSA-2025:17298
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17298

reference_url	https://access.redhat.com/errata/RHSA-2025:17299
reference_id	RHSA-2025:17299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17299

reference_url	https://access.redhat.com/errata/RHSA-2025:17317
reference_id	RHSA-2025:17317
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17317

reference_url	https://access.redhat.com/errata/RHSA-2025:17318
reference_id	RHSA-2025:17318
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17318

reference_url	https://access.redhat.com/errata/RHSA-2025:17563
reference_id	RHSA-2025:17563
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17563

reference_url	https://access.redhat.com/errata/RHSA-2025:17567
reference_id	RHSA-2025:17567
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:17567

reference_url	https://access.redhat.com/errata/RHSA-2025:18028
reference_id	RHSA-2025:18028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18028

reference_url	https://access.redhat.com/errata/RHSA-2025:18076
reference_id	RHSA-2025:18076
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:18076

reference_url	https://access.redhat.com/errata/RHSA-2025:21148
reference_id	RHSA-2025:21148
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:21148

reference_url	https://access.redhat.com/errata/RHSA-2025:23417
reference_id	RHSA-2025:23417
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:23417

reference_url	https://access.redhat.com/errata/RHSA-2026:3102
reference_id	RHSA-2026:3102
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:3102

reference_url	https://usn.ubuntu.com/7918-1/
reference_id	USN-7918-1
reference_type
scores
url	https://usn.ubuntu.com/7918-1/

fixed_packages

url pkg:maven/io.netty/netty-codec-http@4.1.125.Final

purl pkg:maven/io.netty/netty-codec-http@4.1.125.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e5n-j1mz-bkdp

vulnerability	VCID-67qx-dgmf-cyfw

vulnerability	VCID-927x-629d-tba4

vulnerability	VCID-e2s5-my34-4fbm

vulnerability	VCID-jbav-4q5e-3bf3

vulnerability	VCID-n286-n1m7-cyc8

vulnerability	VCID-t1gp-2zmz-57a9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.125.Final

url pkg:maven/io.netty/netty-codec-http@4.2.5.Final

purl pkg:maven/io.netty/netty-codec-http@4.2.5.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e5n-j1mz-bkdp

vulnerability	VCID-67qx-dgmf-cyfw

vulnerability	VCID-927x-629d-tba4

vulnerability	VCID-e2s5-my34-4fbm

vulnerability	VCID-jbav-4q5e-3bf3

vulnerability	VCID-n286-n1m7-cyc8

vulnerability	VCID-t1gp-2zmz-57a9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.5.Final

aliases CVE-2025-58056, GHSA-fghv-69vj-qj49

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8j1-p9ec-gyds

url VCID-e2s5-my34-4fbm

vulnerability_id VCID-e2s5-my34-4fbm

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41417.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41417.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-41417

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.06222
published_at	2026-06-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.06244
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-41417

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41417
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41417

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-41417

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-41417

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136023
reference_id	1136023
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136023

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2467540
reference_id	2467540
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2467540

reference_url

https://github.com/advisories/GHSA-v8h7-rr48-vmmv

reference_id

GHSA-v8h7-rr48-vmmv

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-v8h7-rr48-vmmv

reference_url

https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv

reference_id

GHSA-v8h7-rr48-vmmv

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:59:21Z/

url

https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv

fixed_packages

url	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
purl	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final

url	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
purl	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final

aliases CVE-2026-41417, GHSA-v8h7-rr48-vmmv

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e2s5-my34-4fbm

url VCID-jbav-4q5e-3bf3

vulnerability_id VCID-jbav-4q5e-3bf3

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42581.json

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42581.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42581

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.04498
published_at	2026-06-11T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.045
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42581

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42581
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42581

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-42581

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-42581

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914
reference_id	1139914
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477232
reference_id	2477232
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477232

reference_url

https://github.com/advisories/GHSA-xxqh-mfjm-7mv9

reference_id

GHSA-xxqh-mfjm-7mv9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-xxqh-mfjm-7mv9

reference_url

https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9

reference_id

GHSA-xxqh-mfjm-7mv9

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T18:42:38Z/

url

https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9

reference_url	https://access.redhat.com/errata/RHSA-2026:23808
reference_id	RHSA-2026:23808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:23808

reference_url	https://access.redhat.com/errata/RHSA-2026:24502
reference_id	RHSA-2026:24502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:24502

reference_url	https://access.redhat.com/errata/RHSA-2026:25123
reference_id	RHSA-2026:25123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:25123

reference_url	https://usn.ubuntu.com/8401-1/
reference_id	USN-8401-1
reference_type
scores
url	https://usn.ubuntu.com/8401-1/

fixed_packages

url	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
purl	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final

url	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
purl	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final

aliases CVE-2026-42581, GHSA-xxqh-mfjm-7mv9

risk_score 3.2

exploitability 0.5

weighted_severity 6.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jbav-4q5e-3bf3

url VCID-n286-n1m7-cyc8

vulnerability_id VCID-n286-n1m7-cyc8

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42587.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42587.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42587

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04779
published_at	2026-06-12T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04776
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42587

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42587
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42587

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-42587

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-42587

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914
reference_id	1139914
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477220
reference_id	2477220
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477220

reference_url

https://github.com/advisories/GHSA-f6hv-jmp6-3vwv

reference_id

GHSA-f6hv-jmp6-3vwv

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f6hv-jmp6-3vwv

reference_url	https://access.redhat.com/errata/RHSA-2026:23808
reference_id	RHSA-2026:23808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:23808

reference_url	https://access.redhat.com/errata/RHSA-2026:24502
reference_id	RHSA-2026:24502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:24502

reference_url	https://access.redhat.com/errata/RHSA-2026:25123
reference_id	RHSA-2026:25123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:25123

fixed_packages

url	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
purl	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final

url	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
purl	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final

aliases CVE-2026-42587, GHSA-f6hv-jmp6-3vwv

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n286-n1m7-cyc8

url VCID-t1gp-2zmz-57a9

vulnerability_id VCID-t1gp-2zmz-57a9

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42584.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42584.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-42584

reference_id

reference_type

scores

value	0.00016
scoring_system	epss
scoring_elements	0.03884
published_at	2026-06-11T12:55:00Z

value	0.00016
scoring_system	epss
scoring_elements	0.03905
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-42584

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42584
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42584

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2026-42584

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2026-42584

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914
reference_id	1139914
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2477224
reference_id	2477224
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2477224

reference_url

https://github.com/advisories/GHSA-57rv-r2g8-2cj3

reference_id

GHSA-57rv-r2g8-2cj3

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-57rv-r2g8-2cj3

reference_url

https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3

reference_id

GHSA-57rv-r2g8-2cj3

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

value	HIGH
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T18:35:01Z/

url

https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3

reference_url	https://access.redhat.com/errata/RHSA-2026:23808
reference_id	RHSA-2026:23808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:23808

reference_url	https://access.redhat.com/errata/RHSA-2026:24502
reference_id	RHSA-2026:24502
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:24502

reference_url	https://access.redhat.com/errata/RHSA-2026:25123
reference_id	RHSA-2026:25123
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2026:25123

reference_url	https://usn.ubuntu.com/8401-1/
reference_id	USN-8401-1
reference_type
scores
url	https://usn.ubuntu.com/8401-1/

fixed_packages

url	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
purl	pkg:maven/io.netty/netty-codec-http@4.1.133.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final

url	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
purl	pkg:maven/io.netty/netty-codec-http@4.2.13.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final

aliases CVE-2026-42584, GHSA-57rv-r2g8-2cj3

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t1gp-2zmz-57a9

url VCID-w86r-pvjq-57cf

vulnerability_id VCID-w86r-pvjq-57cf

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29025.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29025.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-29025

reference_id

reference_type

scores

value	0.00343
scoring_system	epss
scoring_elements	0.57409
published_at	2026-06-12T12:55:00Z

value	0.00343
scoring_system	epss
scoring_elements	0.57291
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-29025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29025

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/netty/netty

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/netty/netty

reference_url

https://github.com/vietj/netty/tree/post-request-decoder

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/vietj/netty/tree/post-request-decoder

reference_url

https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c

reference_id

0d0c6ed782d13d423586ad0c71737b2c7d02058c

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/

url

https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068110
reference_id	1068110
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068110

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2272907
reference_id	2272907
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2272907

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-29025

reference_id

CVE-2024-29025

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-29025

reference_url

https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3

reference_id

f558b8ea81ec6505f1e9a6ca283c9ae3

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/

url

https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3

reference_url

https://github.com/advisories/GHSA-5jpm-x58v-624v

reference_id

GHSA-5jpm-x58v-624v

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5jpm-x58v-624v

reference_url

https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v

reference_id

GHSA-5jpm-x58v-624v

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/

url

https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html

reference_url	https://access.redhat.com/errata/RHSA-2024:2088
reference_id	RHSA-2024:2088
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2088

reference_url	https://access.redhat.com/errata/RHSA-2024:2106
reference_id	RHSA-2024:2106
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2106

reference_url	https://access.redhat.com/errata/RHSA-2024:2705
reference_id	RHSA-2024:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2705

reference_url	https://access.redhat.com/errata/RHSA-2024:2833
reference_id	RHSA-2024:2833
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2833

reference_url	https://access.redhat.com/errata/RHSA-2024:2945
reference_id	RHSA-2024:2945
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2945

reference_url	https://access.redhat.com/errata/RHSA-2024:3527
reference_id	RHSA-2024:3527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3527

reference_url	https://access.redhat.com/errata/RHSA-2024:3550
reference_id	RHSA-2024:3550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3550

reference_url	https://access.redhat.com/errata/RHSA-2024:4028
reference_id	RHSA-2024:4028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4028

reference_url	https://access.redhat.com/errata/RHSA-2024:4460
reference_id	RHSA-2024:4460
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4460

reference_url	https://access.redhat.com/errata/RHSA-2024:4884
reference_id	RHSA-2024:4884
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4884

reference_url	https://access.redhat.com/errata/RHSA-2024:5143
reference_id	RHSA-2024:5143
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5143

reference_url	https://access.redhat.com/errata/RHSA-2024:5144
reference_id	RHSA-2024:5144
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5144

reference_url	https://access.redhat.com/errata/RHSA-2024:5145
reference_id	RHSA-2024:5145
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5145

reference_url	https://access.redhat.com/errata/RHSA-2024:5147
reference_id	RHSA-2024:5147
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5147

reference_url	https://access.redhat.com/errata/RHSA-2024:5479
reference_id	RHSA-2024:5479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5479

reference_url	https://access.redhat.com/errata/RHSA-2024:5481
reference_id	RHSA-2024:5481
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5481

reference_url	https://access.redhat.com/errata/RHSA-2024:5482
reference_id	RHSA-2024:5482
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5482

reference_url	https://access.redhat.com/errata/RHSA-2024:6657
reference_id	RHSA-2024:6657
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6657

reference_url	https://access.redhat.com/errata/RHSA-2024:9571
reference_id	RHSA-2024:9571
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9571

reference_url	https://usn.ubuntu.com/7284-1/
reference_id	USN-7284-1
reference_type
scores
url	https://usn.ubuntu.com/7284-1/

fixed_packages

url pkg:maven/io.netty/netty-codec-http@4.1.108.Final

purl pkg:maven/io.netty/netty-codec-http@4.1.108.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1e5n-j1mz-bkdp

vulnerability	VCID-67qx-dgmf-cyfw

vulnerability	VCID-927x-629d-tba4

vulnerability	VCID-c8j1-p9ec-gyds

vulnerability	VCID-e2s5-my34-4fbm

vulnerability	VCID-jbav-4q5e-3bf3

vulnerability	VCID-n286-n1m7-cyc8

vulnerability	VCID-t1gp-2zmz-57a9

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.108.Final

aliases CVE-2024-29025, GHSA-5jpm-x58v-624v

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w86r-pvjq-57cf

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.70.Final

Package Instance