Information on source package netty

Available versions

ReleaseVersion
buster1:4.1.33-1+deb10u2
buster (security)1:4.1.33-1+deb10u4
bullseye1:4.1.48-4+deb11u2
bookworm1:4.1.48-7+deb12u1
trixie1:4.1.48-9
sid1:4.1.48-9

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2022-24823vulnerablevulnerablevulnerablevulnerablevulnerableNetty is an open-source, asynchronous event-driven network application ...

Resolved issues

BugDescription
CVE-2023-44487The HTTP/2 protocol allows a denial of service (server resource consum ...
CVE-2023-34462Netty is an asynchronous event-driven network application framework fo ...
CVE-2022-41915Netty project is an event-driven asynchronous network application fram ...
CVE-2022-41881Netty project is an event-driven asynchronous network application fram ...
CVE-2021-43797Netty is an asynchronous event-driven network application framework fo ...
CVE-2021-37137The Snappy frame decoder function doesn't restrict the chunk length wh ...
CVE-2021-37136The Bzip2 decompression decoder function doesn't allow setting size re ...
CVE-2021-21409Netty is an open-source, asynchronous event-driven network application ...
CVE-2021-21295Netty is an open-source, asynchronous event-driven network application ...
CVE-2021-21290Netty is an open-source, asynchronous event-driven network application ...
CVE-2020-11612The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memo ...
CVE-2020-7238Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles ...
CVE-2019-20445HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length ...
CVE-2019-20444HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header th ...
CVE-2019-16869Netty before 4.1.42.Final mishandles whitespace before the colon in HT ...
CVE-2016-4970handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and ...
CVE-2015-2156Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0 ...
CVE-2014-3488The SslHandler in Netty before 3.9.2 allows remote attackers to cause ...
CVE-2014-0193WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7. ...

Security announcements

DSA / DLADescription
DLA-3656-1netty - security update
DSA-5558-1netty - security update
DSA-5316-1netty - security update
DLA-3268-1netty - security update
DSA-4885-1netty - security update
DLA-2555-1netty - security update
DLA-2364-1netty - security update
DLA-2109-1netty - security update
DSA-4597-1netty - security update
DLA-1941-1netty - security update

Search for package or bug name: Reporting problems