Vulnerabilities > Netty > Netty > 4.1.66
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-10 | CVE-2025-25193 | Unspecified vulnerability in Netty Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. | 5.5 |
| 2023-10-10 | CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | 7.5 |
| 2023-06-22 | CVE-2023-34462 | Unspecified vulnerability in Netty Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 6.5 |
| 2022-12-12 | CVE-2022-41881 | Uncontrolled Recursion vulnerability in multiple products Netty project is an event-driven asynchronous network application framework. | 7.5 |
| 2022-05-06 | CVE-2022-24823 | Netty is an open-source, asynchronous event-driven network application framework. | 5.5 |
| 2021-12-09 | CVE-2021-43797 | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 6.5 |
| 2021-10-19 | CVE-2021-37136 | Resource Exhaustion vulnerability in multiple products The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). | 7.5 |
| 2021-10-19 | CVE-2021-37137 | Resource Exhaustion vulnerability in multiple products The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. | 7.5 |