Search for packages
| purl | pkg:maven/io.netty/netty-parent@4.0.28.Final |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-es3s-xjbh-wbas | Information Exposure in Netty Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters. |
CVE-2015-2156
GHSA-xfv3-rrfm-f2rv |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-07-03T17:42:08.583816+00:00 | GitLab Importer | Fixing | VCID-es3s-xjbh-wbas | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-parent/CVE-2015-2156.yml | 37.0.0 |
| 2025-07-03T13:55:19.784837+00:00 | GitLab Importer | Fixing | VCID-es3s-xjbh-wbas | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/io.netty/netty-parent/CVE-2015-2156.yml | 36.1.3 |
| 2025-07-01T14:30:18.637635+00:00 | GHSA Importer | Fixing | VCID-es3s-xjbh-wbas | https://github.com/advisories/GHSA-xfv3-rrfm-f2rv | 36.1.3 |
| 2025-07-01T12:17:27.676216+00:00 | GithubOSV Importer | Fixing | VCID-es3s-xjbh-wbas | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/06/GHSA-xfv3-rrfm-f2rv/GHSA-xfv3-rrfm-f2rv.json | 36.1.3 |