Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.netty/netty-codec-smtp@4.2.7.Final
purl pkg:maven/io.netty/netty-codec-smtp@4.2.7.Final
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-337s-x5xq-9kc1 Netty has SMTP Command Injection Vulnerability that Allows Email Forgery An SMTP Command Injection (CRLF Injection) vulnerability in Netty's SMTP codec allows a remote attacker who can control SMTP command parameters (e.g., an email recipient) to forge arbitrary emails from the trusted server. This bypasses standard email authentication and can be used to impersonate executives and forge high-stakes corporate communications. CVE-2025-59419
GHSA-jq43-27x9-3v86

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T23:48:30.204032+00:00 GitLab Importer Fixing VCID-337s-x5xq-9kc1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-codec-smtp/CVE-2025-59419.yml 38.4.0
2026-04-12T01:09:49.117832+00:00 GitLab Importer Fixing VCID-337s-x5xq-9kc1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-codec-smtp/CVE-2025-59419.yml 38.3.0
2026-04-03T01:18:36.101557+00:00 GitLab Importer Fixing VCID-337s-x5xq-9kc1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-codec-smtp/CVE-2025-59419.yml 38.1.0
2026-04-01T16:06:53.489906+00:00 GHSA Importer Fixing VCID-337s-x5xq-9kc1 https://github.com/advisories/GHSA-jq43-27x9-3v86 38.0.0
2026-04-01T12:54:28.905340+00:00 GithubOSV Importer Fixing VCID-337s-x5xq-9kc1 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/10/GHSA-jq43-27x9-3v86/GHSA-jq43-27x9-3v86.json 38.0.0
2026-04-01T12:53:00.864271+00:00 GitLab Importer Fixing VCID-337s-x5xq-9kc1 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-codec-smtp/CVE-2025-59419.yml 38.0.0