{"url":"http://public2.vulnerablecode.io/api/packages/484525?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.48.Final","type":"maven","namespace":"io.netty","name":"netty-codec-http","version":"4.1.48.Final","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.1.133.Final","latest_non_vulnerable_version":"4.2.13.Final","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28683?format=json","vulnerability_id":"VCID-1e5n-j1mz-bkdp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42580.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42580.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42580","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.041","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.04089","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.04082","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0486","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42580","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42580"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42580","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42580"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914","reference_id":"1139914","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477214","reference_id":"2477214","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477214"},{"reference_url":"https://github.com/advisories/GHSA-m4cv-j2px-7723","reference_id":"GHSA-m4cv-j2px-7723","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-m4cv-j2px-7723"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723","reference_id":"GHSA-m4cv-j2px-7723","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-14T18:21:08Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375369?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206405?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133"},{"url":"http://public2.vulnerablecode.io/api/packages/375367?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206406?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13"}],"aliases":["CVE-2026-42580","GHSA-m4cv-j2px-7723"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1e5n-j1mz-bkdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9012?format=json","vulnerability_id":"VCID-4e1q-2s61-ckg9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21290.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21290.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21290","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07231","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07197","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07239","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.07232","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20444"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20445","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20445"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11612","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11612"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21290","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21409"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e0000ec","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/commit/c735357bf29d07856ad171c6611a2e1a0e0000ec"},{"reference_url":"https://lists.apache.org/thread.html/r0053443ce19ff125981559f8c51cf66e3ab4350f47812b8cf0733a05@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0053443ce19ff125981559f8c51cf66e3ab4350f47812b8cf0733a05@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r02e467123d45006a1dda20a38349e9c74c3a4b53e2e07be0939ecb3f@%3Cdev.ranger.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r02e467123d45006a1dda20a38349e9c74c3a4b53e2e07be0939ecb3f@%3Cdev.ranger.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r0857b613604c696bf9743f0af047360baaded48b1c75cf6945a083c5@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r0857b613604c696bf9743f0af047360baaded48b1c75cf6945a083c5@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r10308b625e49d4e9491d7e079606ca0df2f0a4d828f1ad1da64ba47b@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r10308b625e49d4e9491d7e079606ca0df2f0a4d828f1ad1da64ba47b@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r1908a34b9cc7120e5c19968a116ddbcffea5e9deb76c2be4fa461904@%3Cdev.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r1908a34b9cc7120e5c19968a116ddbcffea5e9deb76c2be4fa461904@%3Cdev.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2748097ea4b774292539cf3de6e3b267fc7a88d6c8ec40f4e2e87bd4@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2748097ea4b774292539cf3de6e3b267fc7a88d6c8ec40f4e2e87bd4@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2936730ef0a06e724b96539bc7eacfcd3628987c16b1b99c790e7b87@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2936730ef0a06e724b96539bc7eacfcd3628987c16b1b99c790e7b87@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r2fda4dab73097051977f2ab818f75e04fbcb15bb1003c8530eac1059@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r2fda4dab73097051977f2ab818f75e04fbcb15bb1003c8530eac1059@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r326ec431f06eab7cb7113a7a338e59731b8d556d05258457f12bac1b@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r326ec431f06eab7cb7113a7a338e59731b8d556d05258457f12bac1b@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r4efed2c501681cb2e8d629da16e48d9eac429624fd4c9a8c6b8e7020@%3Cdev.tinkerpop.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r4efed2c501681cb2e8d629da16e48d9eac429624fd4c9a8c6b8e7020@%3Cdev.tinkerpop.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r584cf871f188c406d8bd447ff4e2fd9817fca862436c064d0951a071@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r59bac5c09f7a4179b9e2460e8f41c278aaf3b9a21cc23678eb893e41@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r59bac5c09f7a4179b9e2460e8f41c278aaf3b9a21cc23678eb893e41@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5bf303d7c04da78f276765da08559fdc62420f1df539b277ca31f63b@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r5bf303d7c04da78f276765da08559fdc62420f1df539b277ca31f63b@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5c701840aa2845191721e39821445e1e8c59711e71942b7796a6ec29@%3Cusers.activemq.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r5c701840aa2845191721e39821445e1e8c59711e71942b7796a6ec29@%3Cusers.activemq.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5e4a540089760c8ecc2c411309d74264f1dad634ad93ad583ca16214@%3Ccommits.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r5e4a540089760c8ecc2c411309d74264f1dad634ad93ad583ca16214@%3Ccommits.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r5e66e286afb5506cdfe9bbf68a323e8d09614f6d1ddc806ed0224700@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r5e66e286afb5506cdfe9bbf68a323e8d09614f6d1ddc806ed0224700@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r71dbb66747ff537640bb91eb0b2b24edef21ac07728097016f58b01f@%3Ccommits.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r71dbb66747ff537640bb91eb0b2b24edef21ac07728097016f58b01f@%3Ccommits.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r743149dcc8db1de473e6bff0b3ddf10140a7357bc2add75f7d1fbb12@%3Cdev.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r743149dcc8db1de473e6bff0b3ddf10140a7357bc2add75f7d1fbb12@%3Cdev.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r790c2926efcd062067eb18fde2486527596d7275381cfaff2f7b3890@%3Cissues.bookkeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r790c2926efcd062067eb18fde2486527596d7275381cfaff2f7b3890@%3Cissues.bookkeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r7bb3cdc192e9a6f863d3ea05422f09fa1ae2b88d4663e63696ee7ef5@%3Cdev.ranger.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r7bb3cdc192e9a6f863d3ea05422f09fa1ae2b88d4663e63696ee7ef5@%3Cdev.ranger.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/r9924ef9357537722b28d04c98a189750b80694a19754e5057c34ca48@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/r9924ef9357537722b28d04c98a189750b80694a19754e5057c34ca48@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra0fc2b4553dd7aaf75febb61052b7f1243ac3a180a71c01f29093013@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra0fc2b4553dd7aaf75febb61052b7f1243ac3a180a71c01f29093013@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/ra503756ced78fdc2136bd33e87cb7553028645b261b1f5c6186a121e@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/ra503756ced78fdc2136bd33e87cb7553028645b261b1f5c6186a121e@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb06c1e766aa45ee422e8261a8249b561784186483e8f742ea627bda4@%3Cdev.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb06c1e766aa45ee422e8261a8249b561784186483e8f742ea627bda4@%3Cdev.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb51d6202ff1a773f96eaa694b7da4ad3f44922c40b3d4e1a19c2f325@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb51d6202ff1a773f96eaa694b7da4ad3f44922c40b3d4e1a19c2f325@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rb592033a2462548d061a83ac9449c5ff66098751748fcd1e2d008233@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rb592033a2462548d061a83ac9449c5ff66098751748fcd1e2d008233@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc0087125cb15b4b78e44000f841cd37fefedfda942fd7ddf3ad1b528@%3Cissues.zookeeper.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rc0087125cb15b4b78e44000f841cd37fefedfda942fd7ddf3ad1b528@%3Cissues.zookeeper.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rc488f80094872ad925f0c73d283d4c00d32def81977438e27a3dc2bb@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rc488f80094872ad925f0c73d283d4c00d32def81977438e27a3dc2bb@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rcd163e421273e8dca1c71ea298dce3dd11b41d51c3a812e0394e6a5d@%3Ccommits.pulsar.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rcd163e421273e8dca1c71ea298dce3dd11b41d51c3a812e0394e6a5d@%3Ccommits.pulsar.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/rdba4f78ac55f803893a1a2265181595e79e3aa027e2e651dfba98c18@%3Cjira.kafka.apache.org%3E","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.apache.org/thread.html/rdba4f78ac55f803893a1a2265181595e79e3aa027e2e651dfba98c18@%3Cjira.kafka.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2021/02/msg00016.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21290","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-21290"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220210-0011","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220210-0011"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220210-0011/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220210-0011/"},{"reference_url":"https://www.debian.org/security/2021/dsa-4885","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2021/dsa-4885"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927028","reference_id":"1927028","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927028"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982580","reference_id":"982580","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982580"},{"reference_url":"https://github.com/advisories/GHSA-5mcr-gq6c-3hq2","reference_id":"GHSA-5mcr-gq6c-3hq2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5mcr-gq6c-3hq2"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2","reference_id":"GHSA-5mcr-gq6c-3hq2","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0943","reference_id":"RHSA-2021:0943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0986","reference_id":"RHSA-2021:0986","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0986"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1511","reference_id":"RHSA-2021:1511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2046","reference_id":"RHSA-2021:2046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2047","reference_id":"RHSA-2021:2047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2048","reference_id":"RHSA-2021:2048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2051","reference_id":"RHSA-2021:2051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2070","reference_id":"RHSA-2021:2070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2139","reference_id":"RHSA-2021:2139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2210","reference_id":"RHSA-2021:2210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2689","reference_id":"RHSA-2021:2689","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2689"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2755","reference_id":"RHSA-2021:2755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3225","reference_id":"RHSA-2021:3225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3700","reference_id":"RHSA-2021:3700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3700"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:3880","reference_id":"RHSA-2021:3880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:3880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:5134","reference_id":"RHSA-2021:5134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:5134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0190","reference_id":"RHSA-2022:0190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0190"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1108","reference_id":"RHSA-2022:1108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1110","reference_id":"RHSA-2022:1110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5498","reference_id":"RHSA-2022:5498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5498"},{"reference_url":"https://usn.ubuntu.com/6049-1/","reference_id":"USN-6049-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6049-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/382780?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.59.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e5n-j1mz-bkdp"},{"vulnerability":"VCID-67qx-dgmf-cyfw"},{"vulnerability":"VCID-7t77-fbgp-dqhg"},{"vulnerability":"VCID-927x-629d-tba4"},{"vulnerability":"VCID-c8j1-p9ec-gyds"},{"vulnerability":"VCID-e2s5-my34-4fbm"},{"vulnerability":"VCID-jbav-4q5e-3bf3"},{"vulnerability":"VCID-n286-n1m7-cyc8"},{"vulnerability":"VCID-t1gp-2zmz-57a9"},{"vulnerability":"VCID-w86r-pvjq-57cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.59.Final"}],"aliases":["CVE-2021-21290","GHSA-5mcr-gq6c-3hq2"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4e1q-2s61-ckg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28688?format=json","vulnerability_id":"VCID-67qx-dgmf-cyfw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42585.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42585.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42585","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01685","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01679","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01682","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02048","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42585"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42585","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42585"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://datatracker.ietf.org/doc/html/rfc9112#name-message-body-length"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42585","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42585"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914","reference_id":"1139914","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477227","reference_id":"2477227","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477227"},{"reference_url":"https://github.com/advisories/GHSA-38f8-5428-x5cv","reference_id":"GHSA-38f8-5428-x5cv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-38f8-5428-x5cv"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv","reference_id":"GHSA-38f8-5428-x5cv","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-15T20:33:59Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv"},{"reference_url":"https://usn.ubuntu.com/8401-1/","reference_id":"USN-8401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375369?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206405?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133"},{"url":"http://public2.vulnerablecode.io/api/packages/375367?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206406?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13"}],"aliases":["CVE-2026-42585","GHSA-38f8-5428-x5cv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67qx-dgmf-cyfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/10213?format=json","vulnerability_id":"VCID-7t77-fbgp-dqhg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43797.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43797","reference_id":"","reference_type":"","scores":[{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.60072","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.60076","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.60084","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00381","scoring_system":"epss","scoring_elements":"0.59964","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37136"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41915"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/commit/07aa6b5938a8b6ed7a6586e066400e2643897323"},{"reference_url":"https://github.com/netty/netty/pull/11891","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/pull/11891"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00008.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220107-0003","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20220107-0003"},{"reference_url":"https://security.netapp.com/advisory/ntap-20220107-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20220107-0003/"},{"reference_url":"https://www.debian.org/security/2023/dsa-5316","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2023/dsa-5316"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001437","reference_id":"1001437","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1001437"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2031958","reference_id":"2031958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2031958"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43797","reference_id":"CVE-2021-43797","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43797"},{"reference_url":"https://github.com/advisories/GHSA-wx5j-54mm-rqqq","reference_id":"GHSA-wx5j-54mm-rqqq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wx5j-54mm-rqqq"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq","reference_id":"GHSA-wx5j-54mm-rqqq","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/security/advisories/GHSA-wx5j-54mm-rqqq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0520","reference_id":"RHSA-2022:0520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1345","reference_id":"RHSA-2022:1345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2216","reference_id":"RHSA-2022:2216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2216"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2217","reference_id":"RHSA-2022:2217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2218","reference_id":"RHSA-2022:2218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4623","reference_id":"RHSA-2022:4623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4918","reference_id":"RHSA-2022:4918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4919","reference_id":"RHSA-2022:4919","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:4922","reference_id":"RHSA-2022:4922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:4922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5101","reference_id":"RHSA-2022:5101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5498","reference_id":"RHSA-2022:5498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5532","reference_id":"RHSA-2022:5532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5903","reference_id":"RHSA-2022:5903","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6782","reference_id":"RHSA-2022:6782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6783","reference_id":"RHSA-2022:6783","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6783"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6787","reference_id":"RHSA-2022:6787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7409","reference_id":"RHSA-2022:7409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7410","reference_id":"RHSA-2022:7410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7411","reference_id":"RHSA-2022:7411","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7411"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7417","reference_id":"RHSA-2022:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7417"},{"reference_url":"https://usn.ubuntu.com/6049-1/","reference_id":"USN-6049-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6049-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/18241?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.71.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e5n-j1mz-bkdp"},{"vulnerability":"VCID-67qx-dgmf-cyfw"},{"vulnerability":"VCID-927x-629d-tba4"},{"vulnerability":"VCID-c8j1-p9ec-gyds"},{"vulnerability":"VCID-e2s5-my34-4fbm"},{"vulnerability":"VCID-jbav-4q5e-3bf3"},{"vulnerability":"VCID-n286-n1m7-cyc8"},{"vulnerability":"VCID-t1gp-2zmz-57a9"},{"vulnerability":"VCID-w86r-pvjq-57cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.71.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/391959?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.71","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.71"}],"aliases":["CVE-2021-43797","GHSA-wx5j-54mm-rqqq"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7t77-fbgp-dqhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28280?format=json","vulnerability_id":"VCID-927x-629d-tba4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33870.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33870.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33870","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08405","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08444","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0845","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08446","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33870"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33870","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33870"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33870","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33870"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132229","reference_id":"1132229","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132229"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452453","reference_id":"2452453","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452453"},{"reference_url":"https://w4ke.info/2025/10/29/funky-chunks-2.html","reference_id":"funky-chunks-2.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/"}],"url":"https://w4ke.info/2025/10/29/funky-chunks-2.html"},{"reference_url":"https://w4ke.info/2025/06/18/funky-chunks.html","reference_id":"funky-chunks.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/"}],"url":"https://w4ke.info/2025/06/18/funky-chunks.html"},{"reference_url":"https://github.com/advisories/GHSA-pwqr-wmgm-9rr8","reference_id":"GHSA-pwqr-wmgm-9rr8","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-pwqr-wmgm-9rr8"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8","reference_id":"GHSA-pwqr-wmgm-9rr8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"},{"reference_url":"https://www.rfc-editor.org/rfc/rfc9110","reference_id":"rfc9110","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-31T13:55:28Z/"}],"url":"https://www.rfc-editor.org/rfc/rfc9110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10175","reference_id":"RHSA-2026:10175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13571","reference_id":"RHSA-2026:13571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14272","reference_id":"RHSA-2026:14272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14276","reference_id":"RHSA-2026:14276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17668","reference_id":"RHSA-2026:17668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17789","reference_id":"RHSA-2026:17789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18054","reference_id":"RHSA-2026:18054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18054"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18055","reference_id":"RHSA-2026:18055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18059","reference_id":"RHSA-2026:18059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22619","reference_id":"RHSA-2026:22619","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22619"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7109","reference_id":"RHSA-2026:7109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7380","reference_id":"RHSA-2026:7380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8159","reference_id":"RHSA-2026:8159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8159"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8509","reference_id":"RHSA-2026:8509","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8509"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/374764?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.132.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e5n-j1mz-bkdp"},{"vulnerability":"VCID-67qx-dgmf-cyfw"},{"vulnerability":"VCID-e2s5-my34-4fbm"},{"vulnerability":"VCID-jbav-4q5e-3bf3"},{"vulnerability":"VCID-n286-n1m7-cyc8"},{"vulnerability":"VCID-t1gp-2zmz-57a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.132.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/374765?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.10.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e5n-j1mz-bkdp"},{"vulnerability":"VCID-67qx-dgmf-cyfw"},{"vulnerability":"VCID-e2s5-my34-4fbm"},{"vulnerability":"VCID-jbav-4q5e-3bf3"},{"vulnerability":"VCID-n286-n1m7-cyc8"},{"vulnerability":"VCID-t1gp-2zmz-57a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.10.Final"}],"aliases":["CVE-2026-33870","GHSA-pwqr-wmgm-9rr8"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-927x-629d-tba4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93824?format=json","vulnerability_id":"VCID-c8j1-p9ec-gyds","summary":"Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts standalone newline characters (LF) as a chunk-size line terminator, regardless of a preceding carriage return (CR), instead of requiring CRLF per HTTP/1.1 standards. When combined with reverse proxies that parse LF differently (treating it as part of the chunk extension), attackers can craft requests that the proxy sees as one request but Netty processes as two, enabling request smuggling attacks. This is fixed in versions 4.1.125.Final and 4.2.5.Final.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58056.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58056.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58056","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26956","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26757","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26958","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26973","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58056"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58056","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58056"},{"reference_url":"https://github.com/github/advisory-database/pull/6092","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/github/advisory-database/pull/6092"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58056","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-58056"},{"reference_url":"https://github.com/JLLeitschuh/unCVEed/issues/1","reference_id":"1","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/JLLeitschuh/unCVEed/issues/1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113995","reference_id":"1113995","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1113995"},{"reference_url":"https://github.com/netty/netty/issues/15522","reference_id":"15522","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/issues/15522"},{"reference_url":"https://github.com/netty/netty/pull/15611","reference_id":"15611","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/pull/15611"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392996","reference_id":"2392996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392996"},{"reference_url":"https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284","reference_id":"edb55fd8e0a3bcbd85881e423464f585183d1284","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284"},{"reference_url":"https://w4ke.info/2025/06/18/funky-chunks.html","reference_id":"funky-chunks.html","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://w4ke.info/2025/06/18/funky-chunks.html"},{"reference_url":"https://github.com/advisories/GHSA-fghv-69vj-qj49","reference_id":"GHSA-fghv-69vj-qj49","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fghv-69vj-qj49"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49","reference_id":"GHSA-fghv-69vj-qj49","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-fghv-69vj-qj49"},{"reference_url":"https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding","reference_id":"rfc9112#name-chunked-transfer-coding","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-04T19:09:52Z/"}],"url":"https://datatracker.ietf.org/doc/html/rfc9112#name-chunked-transfer-coding"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17187","reference_id":"RHSA-2025:17187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17298","reference_id":"RHSA-2025:17298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17299","reference_id":"RHSA-2025:17299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17317","reference_id":"RHSA-2025:17317","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17317"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17318","reference_id":"RHSA-2025:17318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17563","reference_id":"RHSA-2025:17563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17563"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17567","reference_id":"RHSA-2025:17567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18028","reference_id":"RHSA-2025:18028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18076","reference_id":"RHSA-2025:18076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:18076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21148","reference_id":"RHSA-2025:21148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23417","reference_id":"RHSA-2025:23417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3102","reference_id":"RHSA-2026:3102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3102"},{"reference_url":"https://usn.ubuntu.com/7918-1/","reference_id":"USN-7918-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7918-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/376661?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.125.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e5n-j1mz-bkdp"},{"vulnerability":"VCID-67qx-dgmf-cyfw"},{"vulnerability":"VCID-927x-629d-tba4"},{"vulnerability":"VCID-e2s5-my34-4fbm"},{"vulnerability":"VCID-jbav-4q5e-3bf3"},{"vulnerability":"VCID-n286-n1m7-cyc8"},{"vulnerability":"VCID-t1gp-2zmz-57a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.125.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/376662?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.5.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e5n-j1mz-bkdp"},{"vulnerability":"VCID-67qx-dgmf-cyfw"},{"vulnerability":"VCID-927x-629d-tba4"},{"vulnerability":"VCID-e2s5-my34-4fbm"},{"vulnerability":"VCID-jbav-4q5e-3bf3"},{"vulnerability":"VCID-n286-n1m7-cyc8"},{"vulnerability":"VCID-t1gp-2zmz-57a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.5.Final"}],"aliases":["CVE-2025-58056","GHSA-fghv-69vj-qj49"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8j1-p9ec-gyds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28601?format=json","vulnerability_id":"VCID-e2s5-my34-4fbm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41417.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-41417.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41417","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06244","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06215","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06232","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06222","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-41417"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41417","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41417"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41417","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41417"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136023","reference_id":"1136023","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1136023"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467540","reference_id":"2467540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467540"},{"reference_url":"https://github.com/advisories/GHSA-v8h7-rr48-vmmv","reference_id":"GHSA-v8h7-rr48-vmmv","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v8h7-rr48-vmmv"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv","reference_id":"GHSA-v8h7-rr48-vmmv","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-07T13:59:21Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375369?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206405?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133"},{"url":"http://public2.vulnerablecode.io/api/packages/375367?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206406?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13"}],"aliases":["CVE-2026-41417","GHSA-v8h7-rr48-vmmv"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2s5-my34-4fbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28684?format=json","vulnerability_id":"VCID-jbav-4q5e-3bf3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42581.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42581","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.045","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04484","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04498","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05304","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42581"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42581","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42581"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914","reference_id":"1139914","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477232","reference_id":"2477232","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477232"},{"reference_url":"https://github.com/advisories/GHSA-xxqh-mfjm-7mv9","reference_id":"GHSA-xxqh-mfjm-7mv9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xxqh-mfjm-7mv9"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9","reference_id":"GHSA-xxqh-mfjm-7mv9","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T18:42:38Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23808","reference_id":"RHSA-2026:23808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24502","reference_id":"RHSA-2026:24502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:25123","reference_id":"RHSA-2026:25123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:25123"},{"reference_url":"https://usn.ubuntu.com/8401-1/","reference_id":"USN-8401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375369?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206405?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133"},{"url":"http://public2.vulnerablecode.io/api/packages/375367?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206406?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13"}],"aliases":["CVE-2026-42581","GHSA-xxqh-mfjm-7mv9"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbav-4q5e-3bf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28690?format=json","vulnerability_id":"VCID-n286-n1m7-cyc8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42587.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42587","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04779","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04776","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04765","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05542","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42587","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42587"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914","reference_id":"1139914","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477220","reference_id":"2477220","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477220"},{"reference_url":"https://github.com/advisories/GHSA-f6hv-jmp6-3vwv","reference_id":"GHSA-f6hv-jmp6-3vwv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-f6hv-jmp6-3vwv"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23808","reference_id":"RHSA-2026:23808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24502","reference_id":"RHSA-2026:24502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:25123","reference_id":"RHSA-2026:25123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:25123"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375369?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206405?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133"},{"url":"http://public2.vulnerablecode.io/api/packages/375367?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206406?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13"}],"aliases":["CVE-2026-42587","GHSA-f6hv-jmp6-3vwv"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n286-n1m7-cyc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28687?format=json","vulnerability_id":"VCID-t1gp-2zmz-57a9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42584.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-42584.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42584","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03905","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03896","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03884","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04629","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42584"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42584","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42584"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42584","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42584"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914","reference_id":"1139914","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139914"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477224","reference_id":"2477224","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477224"},{"reference_url":"https://github.com/advisories/GHSA-57rv-r2g8-2cj3","reference_id":"GHSA-57rv-r2g8-2cj3","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-57rv-r2g8-2cj3"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3","reference_id":"GHSA-57rv-r2g8-2cj3","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-13T18:35:01Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23808","reference_id":"RHSA-2026:23808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24502","reference_id":"RHSA-2026:24502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:25123","reference_id":"RHSA-2026:25123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:25123"},{"reference_url":"https://usn.ubuntu.com/8401-1/","reference_id":"USN-8401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/375369?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206405?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.133","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.133"},{"url":"http://public2.vulnerablecode.io/api/packages/375367?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13.Final","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13.Final"},{"url":"http://public2.vulnerablecode.io/api/packages/1206406?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.2.13","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.2.13"}],"aliases":["CVE-2026-42584","GHSA-57rv-r2g8-2cj3"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1gp-2zmz-57a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18979?format=json","vulnerability_id":"VCID-w86r-pvjq-57cf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29025.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-29025.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29025","reference_id":"","reference_type":"","scores":[{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57291","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57416","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57424","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00343","scoring_system":"epss","scoring_elements":"0.57409","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-29025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29025"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/netty/netty","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/netty/netty"},{"reference_url":"https://github.com/vietj/netty/tree/post-request-decoder","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/vietj/netty/tree/post-request-decoder"},{"reference_url":"https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c","reference_id":"0d0c6ed782d13d423586ad0c71737b2c7d02058c","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/"}],"url":"https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068110","reference_id":"1068110","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068110"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272907","reference_id":"2272907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272907"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-29025","reference_id":"CVE-2024-29025","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-29025"},{"reference_url":"https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3","reference_id":"f558b8ea81ec6505f1e9a6ca283c9ae3","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/"}],"url":"https://gist.github.com/vietj/f558b8ea81ec6505f1e9a6ca283c9ae3"},{"reference_url":"https://github.com/advisories/GHSA-5jpm-x58v-624v","reference_id":"GHSA-5jpm-x58v-624v","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5jpm-x58v-624v"},{"reference_url":"https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v","reference_id":"GHSA-5jpm-x58v-624v","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/"}],"url":"https://github.com/netty/netty/security/advisories/GHSA-5jpm-x58v-624v"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html","reference_id":"msg00015.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-07-19T15:54:48Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00015.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2088","reference_id":"RHSA-2024:2088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2106","reference_id":"RHSA-2024:2106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2705","reference_id":"RHSA-2024:2705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2705"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2833","reference_id":"RHSA-2024:2833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2945","reference_id":"RHSA-2024:2945","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2945"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3527","reference_id":"RHSA-2024:3527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3550","reference_id":"RHSA-2024:3550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4028","reference_id":"RHSA-2024:4028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4460","reference_id":"RHSA-2024:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4884","reference_id":"RHSA-2024:4884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5143","reference_id":"RHSA-2024:5143","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5143"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5144","reference_id":"RHSA-2024:5144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5145","reference_id":"RHSA-2024:5145","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5145"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5147","reference_id":"RHSA-2024:5147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5479","reference_id":"RHSA-2024:5479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5481","reference_id":"RHSA-2024:5481","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5482","reference_id":"RHSA-2024:5482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6657","reference_id":"RHSA-2024:6657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9571","reference_id":"RHSA-2024:9571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:9571"},{"reference_url":"https://usn.ubuntu.com/7284-1/","reference_id":"USN-7284-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7284-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/30036?format=json","purl":"pkg:maven/io.netty/netty-codec-http@4.1.108.Final","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1e5n-j1mz-bkdp"},{"vulnerability":"VCID-67qx-dgmf-cyfw"},{"vulnerability":"VCID-927x-629d-tba4"},{"vulnerability":"VCID-c8j1-p9ec-gyds"},{"vulnerability":"VCID-e2s5-my34-4fbm"},{"vulnerability":"VCID-jbav-4q5e-3bf3"},{"vulnerability":"VCID-n286-n1m7-cyc8"},{"vulnerability":"VCID-t1gp-2zmz-57a9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.108.Final"}],"aliases":["CVE-2024-29025","GHSA-5jpm-x58v-624v"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w86r-pvjq-57cf"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:maven/io.netty/netty-codec-http@4.1.48.Final"}