>= 4.0.0, < 4.1.45
HIGH8.1CVE-2026-44249Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking >= 4.2.0.Final, < 4.2.15.Final
HIGH7.5CVE-2026-45416Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes >= 4.2.0.Final, < 4.2.15.Final
HIGH7.5SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
>= 4.1.91.Final, < 4.1.118.Final
HIGH7.5Loop with Unreachable Exit Condition in Netty
>= 4.0.0.Alpha1, < 4.0.37.Final
HIGH7.5Denial of Service in Netty
>= 4.1.0, < 4.1.46
HIGH7.5HTTP Request Smuggling in Netty
>= 4.1.43, < 4.1.45
MEDIUM6.5netty - security update
from 0, < 4.1.94.Final
MEDIUM5.3Withdrawn Advisory: Netty-handler does not validate host names by default
>= 4.1.0.Final, <= 4.1.99.Final
—Denial of service in Netty
from 0, < 3.9.2