pkg:Maven/io.netty:netty-handler

8 total CVEsCRITICAL1HIGH4MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2019-20445HTTP Request Smuggling in Netty
    >= 4.0.0, < 4.1.45
  • HIGH7.5CVE-2025-24970SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
    >= 4.1.91.Final, < 4.1.118.Final
  • HIGH7.5CVE-2016-4970Loop with Unreachable Exit Condition in Netty
    >= 4.0.0.Alpha1, < 4.0.37.Final
  • HIGH7.5CVE-2020-11612Denial of Service in Netty
    >= 4.1.0, < 4.1.46
  • HIGH7.5CVE-2020-7238HTTP Request Smuggling in Netty
    >= 4.1.43, < 4.1.45
  • MEDIUM6.5CVE-2023-34462netty - security update
    from 0, < 4.1.94.Final
  • MEDIUM5.3CVE-2023-4586Withdrawn Advisory: Netty-handler does not validate host names by default
    >= 4.1.0.Final, <= 4.1.99.Final
  • CVE-2014-3488Denial of service in Netty
    from 0, < 3.9.2