CVE-2026-42580
EUVD-2026-3012313.05.2026, 19:17
Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's chunk size parser silently overflows int, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.