Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/io.netty/netty-parent@4.0.28.Final
purl pkg:maven/io.netty/netty-parent@4.0.28.Final
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-81nf-zd3k-mud7 Information Exposure in Netty Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters. CVE-2015-2156
GHSA-xfv3-rrfm-f2rv

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:05:00.041497+00:00 GitLab Importer Fixing VCID-81nf-zd3k-mud7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-parent/CVE-2015-2156.yml 38.4.0
2026-04-11T22:16:27.199268+00:00 GitLab Importer Fixing VCID-81nf-zd3k-mud7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-parent/CVE-2015-2156.yml 38.3.0
2026-04-02T22:28:37.144979+00:00 GitLab Importer Fixing VCID-81nf-zd3k-mud7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-parent/CVE-2015-2156.yml 38.1.0
2026-04-01T16:46:34.436203+00:00 GitLab Importer Fixing VCID-81nf-zd3k-mud7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-parent/CVE-2015-2156.yml 38.0.0
2026-04-01T15:58:17.897182+00:00 GHSA Importer Fixing VCID-81nf-zd3k-mud7 https://github.com/advisories/GHSA-xfv3-rrfm-f2rv 38.0.0
2026-04-01T13:00:28.781137+00:00 GithubOSV Importer Fixing VCID-81nf-zd3k-mud7 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/06/GHSA-xfv3-rrfm-f2rv/GHSA-xfv3-rrfm-f2rv.json 38.0.0