High severityNVD Advisory· Published Mar 27, 2026· Updated Mar 31, 2026
Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
CVE-2026-33870
Description
Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.netty:netty-codec-httpMaven | < 4.1.132.Final | 4.1.132.Final |
io.netty:netty-codec-httpMaven | >= 4.2.0.Alpha1, < 4.2.10.Final | 4.2.10.Final |
Affected products
260- osv-coords259 versionspkg:apk/chainguard/akhqpkg:apk/chainguard/apache-activemq-artemispkg:apk/chainguard/apache-camel-karavan-devmodepkg:apk/chainguard/apache-pulsar-4.0pkg:apk/chainguard/apache-pulsar-4.2pkg:apk/chainguard/apache-pulsar-fips-4.0pkg:apk/chainguard/apache-pulsar-fips-4.2pkg:apk/chainguard/apicurio-registrypkg:apk/chainguard/camunda-8.8pkg:apk/chainguard/camunda-zeebe-8.6pkg:apk/chainguard/camunda-zeebe-8.7pkg:apk/chainguard/camunda-zeebe-8.8pkg:apk/chainguard/celeborn-0.5pkg:apk/chainguard/commercial-elasticsearch-8.19pkg:apk/chainguard/commercial-elasticsearch-9.3pkg:apk/chainguard/druidpkg:apk/chainguard/elasticsearch-7pkg:apk/chainguard/elasticsearch-7-iamguardedpkg:apk/chainguard/elasticsearch-8.17pkg:apk/chainguard/elasticsearch-8.19pkg:apk/chainguard/elasticsearch-8.19-iamguardedpkg:apk/chainguard/elasticsearch-9.0pkg:apk/chainguard/elasticsearch-9.0-iamguardedpkg:apk/chainguard/elasticsearch-9.1pkg:apk/chainguard/elasticsearch-9.1-iamguardedpkg:apk/chainguard/elasticsearch-9.2pkg:apk/chainguard/elasticsearch-9.2-iamguardedpkg:apk/chainguard/elasticsearch-9.3pkg:apk/chainguard/elasticsearch-9.3-iamguardedpkg:apk/chainguard/elasticsearch-fips-8.17pkg:apk/chainguard/elasticsearch-fips-8.17-bitnamipkg:apk/chainguard/elasticsearch-fips-8.19pkg:apk/chainguard/elasticsearch-fips-9.0pkg:apk/chainguard/elasticsearch-fips-9.0-bitnamipkg:apk/chainguard/elasticsearch-fips-9.1pkg:apk/chainguard/elasticsearch-fips-9.2pkg:apk/chainguard/elasticsearch-fips-9.3pkg:apk/chainguard/flywaypkg:apk/chainguard/flyway-fipspkg:apk/chainguard/hono-adapter-mqttpkg:apk/chainguard/hono-clipkg:apk/chainguard/hono-service-authpkg:apk/chainguard/hono-service-command-routerpkg:apk/chainguard/hono-service-device-registry-jdbcpkg:apk/chainguard/infinispan-15.0pkg:apk/chainguard/infinispan-15.1pkg:apk/chainguard/infinispan-15.2pkg:apk/chainguard/infinispan-16.0pkg:apk/chainguard/infinispan-16.1pkg:apk/chainguard/kafbat-uipkg:apk/chainguard/kafbat-ui-fipspkg:apk/chainguard/kafka-bridgepkg:apk/chainguard/kafka-bridge-fipspkg:apk/chainguard/kayenta-2025.0pkg:apk/chainguard/kayenta-2025.1pkg:apk/chainguard/kayenta-2025.2pkg:apk/chainguard/kayenta-2025.4pkg:apk/chainguard/kayenta-2026.0pkg:apk/chainguard/kayenta-fips-2025.0pkg:apk/chainguard/kayenta-fips-2025.1pkg:apk/chainguard/kayenta-fips-2025.2pkg:apk/chainguard/kayenta-fips-2025.4pkg:apk/chainguard/kayenta-fips-2026.0pkg:apk/chainguard/keycloak-26.5pkg:apk/chainguard/keycloak-26.5-iamguarded-compatpkg:apk/chainguard/keycloak-26.5-operatorpkg:apk/chainguard/keycloak-fips-26.5pkg:apk/chainguard/keycloak-fips-26.5-iamguarded-fipspkg:apk/chainguard/keycloak-fips-26.5-operatorpkg:apk/chainguard/knative-kafka-broker-1.17-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-1.18-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-1.18-receiver-loompkg:apk/chainguard/knative-kafka-broker-1.19-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-1.19-receiver-loompkg:apk/chainguard/knative-kafka-broker-1.20-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-1.21-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-1.21-receiver-loompkg:apk/chainguard/knative-kafka-broker-1.22-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-1.22-receiver-loompkg:apk/chainguard/knative-kafka-broker-fips-1.17-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-fips-1.17-receiver-loompkg:apk/chainguard/knative-kafka-broker-fips-1.18-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-fips-1.18-receiver-loompkg:apk/chainguard/knative-kafka-broker-fips-1.19-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-fips-1.19-receiver-loompkg:apk/chainguard/knative-kafka-broker-fips-1.20-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-fips-1.20-receiver-loompkg:apk/chainguard/knative-kafka-broker-fips-1.21-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-fips-1.21-receiver-loompkg:apk/chainguard/knative-kafka-broker-fips-1.22-dispatcher-loompkg:apk/chainguard/knative-kafka-broker-fips-1.22-receiver-loompkg:apk/chainguard/kserve-modelmeshpkg:apk/chainguard/localstackpkg:apk/chainguard/logstash-8.19pkg:apk/chainguard/logstash-8.19-iamguarded-compatpkg:apk/chainguard/logstash-8.19-with-output-opensearchpkg:apk/chainguard/logstash-9.0pkg:apk/chainguard/logstash-9.0-iamguarded-compatpkg:apk/chainguard/logstash-9.0-with-output-opensearchpkg:apk/chainguard/logstash-9.1pkg:apk/chainguard/logstash-9.1-bitnami-compatpkg:apk/chainguard/logstash-9.1-iamguarded-compatpkg:apk/chainguard/logstash-9.1-with-output-opensearchpkg:apk/chainguard/logstash-9.2pkg:apk/chainguard/logstash-9.2-iamguarded-compatpkg:apk/chainguard/logstash-9.2-with-output-opensearchpkg:apk/chainguard/logstash-9.3pkg:apk/chainguard/logstash-9.3-iamguarded-compatpkg:apk/chainguard/logstash-9.3-with-output-opensearchpkg:apk/chainguard/management-api-for-apache-cassandra-4.0pkg:apk/chainguard/management-api-for-apache-cassandra-4.1pkg:apk/chainguard/management-api-for-apache-cassandra-5.0pkg:apk/chainguard/neo4j-5.26pkg:apk/chainguard/opensearch-2pkg:apk/chainguard/opensearch-2-ml-commonspkg:apk/chainguard/opensearch-2-performance-analyzerpkg:apk/chainguard/opensearch-2-repository-azurepkg:apk/chainguard/opensearch-2-repository-s3pkg:apk/chainguard/opensearch-2-securitypkg:apk/chainguard/opensearch-2-transport-niopkg:apk/chainguard/opensearch-3pkg:apk/chainguard/opensearch-3-ml-commonspkg:apk/chainguard/opensearch-3-notificationspkg:apk/chainguard/opensearch-3-performance-analyzerpkg:apk/chainguard/opensearch-3-repository-azurepkg:apk/chainguard/opensearch-3-repository-s3pkg:apk/chainguard/opensearch-3-securitypkg:apk/chainguard/opensearch-3-security-analyticspkg:apk/chainguard/opensearch-fips-3pkg:apk/chainguard/opensearch-fips-3-ml-commonspkg:apk/chainguard/opensearch-fips-3-notificationspkg:apk/chainguard/opensearch-fips-3-performance-analyzerpkg:apk/chainguard/opensearch-fips-3-repository-azurepkg:apk/chainguard/opensearch-fips-3-repository-s3pkg:apk/chainguard/opensearch-fips-3-securitypkg:apk/chainguard/opensearch-fips-3-security-analyticspkg:apk/chainguard/pinotpkg:apk/chainguard/pinot-fipspkg:apk/chainguard/reposilitepkg:apk/chainguard/seata-serverpkg:apk/chainguard/spark-3.5-scala-2.12pkg:apk/chainguard/spark-3.5-scala-2.13pkg:apk/chainguard/spark-4.0-scala-2.13pkg:apk/chainguard/spark-4.1-scala-2.13pkg:apk/chainguard/spark-fips-3.5-scala-2.12pkg:apk/chainguard/spark-fips-3.5-scala-2.13pkg:apk/chainguard/spark-fips-4.1-scala-2.13pkg:apk/chainguard/strimzi-kafka-operator-cluster-operatorpkg:apk/chainguard/strimzi-kafka-operator-kafka-agentpkg:apk/chainguard/strimzi-kafka-operator-kafka-initpkg:apk/chainguard/strimzi-kafka-operator-kafka-thirdparty-libs-ccpkg:apk/chainguard/strimzi-kafka-operator-topic-operatorpkg:apk/chainguard/strimzi-kafka-operator-tracing-agentpkg:apk/chainguard/strimzi-kafka-operator-user-operatorpkg:apk/chainguard/tezpkg:apk/chainguard/thingsboard-tb-mqtt-transportpkg:apk/chainguard/thingsboard-tb-nodepkg:apk/chainguard/trino-plugin-delta-lakepkg:apk/chainguard/trino-plugin-elasticsearchpkg:apk/chainguard/trino-plugin-exchange-filesystempkg:apk/chainguard/trino-plugin-exchange-hdfspkg:apk/chainguard/trino-plugin-hivepkg:apk/chainguard/trino-plugin-hudipkg:apk/chainguard/trino-plugin-icebergpkg:apk/chainguard/trino-plugin-lakehousepkg:apk/chainguard/trino-plugin-opensearchpkg:apk/chainguard/trino-plugin-pinotpkg:apk/chainguard/trino-plugin-redshiftpkg:apk/chainguard/trino-plugin-spooling-filesystempkg:apk/chainguard/trino-plugin-thriftpkg:apk/chainguard/wavefront-proxypkg:apk/chainguard/wazuh-indexerpkg:apk/chainguard/wazuh-indexer-plugin-ml-commonspkg:apk/chainguard/wazuh-indexer-plugin-notificationspkg:apk/chainguard/wazuh-indexer-plugin-securitypkg:apk/chainguard/wildfly-openjdk-17pkg:apk/chainguard/wildfly-openjdk-21pkg:apk/chainguard/zipkinpkg:apk/chainguard/zipkin-slimpkg:apk/wolfi/akhqpkg:apk/wolfi/apache-activemq-artemispkg:apk/wolfi/apache-pulsar-4.2pkg:apk/wolfi/apicurio-registrypkg:apk/wolfi/celeborn-0.5pkg:apk/wolfi/druidpkg:apk/wolfi/flywaypkg:apk/wolfi/infinispan-15.2pkg:apk/wolfi/infinispan-16.0pkg:apk/wolfi/infinispan-16.1pkg:apk/wolfi/keycloak-26.5pkg:apk/wolfi/keycloak-26.5-iamguarded-compatpkg:apk/wolfi/keycloak-26.5-operatorpkg:apk/wolfi/kserve-modelmeshpkg:apk/wolfi/logstash-9.1pkg:apk/wolfi/logstash-9.1-bitnami-compatpkg:apk/wolfi/logstash-9.1-iamguarded-compatpkg:apk/wolfi/logstash-9.1-with-output-opensearchpkg:apk/wolfi/logstash-9.2pkg:apk/wolfi/logstash-9.2-iamguarded-compatpkg:apk/wolfi/logstash-9.2-with-output-opensearchpkg:apk/wolfi/logstash-9.3pkg:apk/wolfi/logstash-9.3-iamguarded-compatpkg:apk/wolfi/logstash-9.3-with-output-opensearchpkg:apk/wolfi/management-api-for-apache-cassandra-4.1pkg:apk/wolfi/management-api-for-apache-cassandra-5.0pkg:apk/wolfi/neo4j-5.26pkg:apk/wolfi/opensearch-2pkg:apk/wolfi/opensearch-2-ml-commonspkg:apk/wolfi/opensearch-2-performance-analyzerpkg:apk/wolfi/opensearch-2-repository-azurepkg:apk/wolfi/opensearch-2-repository-s3pkg:apk/wolfi/opensearch-2-securitypkg:apk/wolfi/opensearch-2-transport-niopkg:apk/wolfi/opensearch-3pkg:apk/wolfi/opensearch-3-ml-commonspkg:apk/wolfi/opensearch-3-notificationspkg:apk/wolfi/opensearch-3-performance-analyzerpkg:apk/wolfi/opensearch-3-repository-azurepkg:apk/wolfi/opensearch-3-repository-s3pkg:apk/wolfi/opensearch-3-securitypkg:apk/wolfi/opensearch-3-security-analyticspkg:apk/wolfi/spark-3.5-scala-2.12pkg:apk/wolfi/spark-3.5-scala-2.13pkg:apk/wolfi/spark-4.0-scala-2.13pkg:apk/wolfi/spark-4.1-scala-2.13pkg:apk/wolfi/strimzi-kafka-operator-cluster-operatorpkg:apk/wolfi/strimzi-kafka-operator-kafka-agentpkg:apk/wolfi/strimzi-kafka-operator-kafka-initpkg:apk/wolfi/strimzi-kafka-operator-kafka-thirdparty-libs-ccpkg:apk/wolfi/strimzi-kafka-operator-topic-operatorpkg:apk/wolfi/strimzi-kafka-operator-tracing-agentpkg:apk/wolfi/strimzi-kafka-operator-user-operatorpkg:apk/wolfi/tezpkg:apk/wolfi/thingsboard-tb-mqtt-transportpkg:apk/wolfi/thingsboard-tb-nodepkg:apk/wolfi/trino-plugin-delta-lakepkg:apk/wolfi/trino-plugin-elasticsearchpkg:apk/wolfi/trino-plugin-exchange-filesystempkg:apk/wolfi/trino-plugin-exchange-hdfspkg:apk/wolfi/trino-plugin-hivepkg:apk/wolfi/trino-plugin-hudipkg:apk/wolfi/trino-plugin-icebergpkg:apk/wolfi/trino-plugin-lakehousepkg:apk/wolfi/trino-plugin-opensearchpkg:apk/wolfi/trino-plugin-pinotpkg:apk/wolfi/trino-plugin-redshiftpkg:apk/wolfi/trino-plugin-spooling-filesystempkg:apk/wolfi/trino-plugin-thriftpkg:apk/wolfi/wavefront-proxypkg:apk/wolfi/wildfly-openjdk-17pkg:apk/wolfi/wildfly-openjdk-21pkg:apk/wolfi/zipkinpkg:apk/wolfi/zipkin-slimpkg:maven/io.netty/netty-codec-httppkg:rpm/opensuse/netty&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/netty&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/netty-tcnative&distro=openSUSE%20Leap%2015.6pkg:rpm/suse/netty&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP7pkg:rpm/suse/netty-tcnative&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7
< 0.27.0-r0+ 258 more
- (no CPE)range: < 0.27.0-r0
- (no CPE)range: < 2.53.0-r4
- (no CPE)range: < 4.14.2-r7
- (no CPE)range: < 4.0.9-r10
- (no CPE)range: < 4.2.1-r0
- (no CPE)range: < 4.0.9-r10
- (no CPE)range: < 4.2.1-r0
- (no CPE)range: < 3.2.0-r2
- (no CPE)range: < 8.8.22-r0
- (no CPE)range: < 8.6.39-r0
- (no CPE)range: < 8.7.27-r0
- (no CPE)range: < 8.8.22-r0
- (no CPE)range: < 0.5.4-r19
- (no CPE)range: < 8.19.15-r0
- (no CPE)range: < 9.3.4-r0
- (no CPE)range: < 36.0.0-r11
- (no CPE)range: < 7.17.29-r12
- (no CPE)range: < 7.17.29-r12
- (no CPE)range: < 8.17.10-r20
- (no CPE)range: < 8.19.14-r1
- (no CPE)range: < 8.19.14-r1
- (no CPE)range: < 9.0.8-r9
- (no CPE)range: < 9.0.8-r9
- (no CPE)range: < 9.1.10-r3
- (no CPE)range: < 9.1.10-r3
- (no CPE)range: < 9.2.8-r1
- (no CPE)range: < 9.2.8-r1
- (no CPE)range: < 9.3.3-r1
- (no CPE)range: < 9.3.3-r1
- (no CPE)range: < 8.17.10-r14
- (no CPE)range: < 8.17.10-r14
- (no CPE)range: < 8.19.13-r2
- (no CPE)range: < 9.0.8-r15
- (no CPE)range: < 9.0.8-r15
- (no CPE)range: < 9.1.10-r7
- (no CPE)range: < 9.2.7-r2
- (no CPE)range: < 9.3.2-r2
- (no CPE)range: < 12.5.0-r0
- (no CPE)range: < 12.2.0-r1
- (no CPE)range: < 2.7.0-r6
- (no CPE)range: < 2.7.0-r6
- (no CPE)range: < 2.7.0-r6
- (no CPE)range: < 2.7.0-r6
- (no CPE)range: < 2.7.0-r6
- (no CPE)range: < 15.0.22-r3
- (no CPE)range: < 15.1.7-r10
- (no CPE)range: < 15.2.6-r11
- (no CPE)range: < 16.0.8-r1
- (no CPE)range: < 16.1.2-r1
- (no CPE)range: < 1.4.2-r8
- (no CPE)range: < 1.4.2-r7
- (no CPE)range: < 0.33.1-r12
- (no CPE)range: < 0.33.1-r7
- (no CPE)range: < 2025.0.8-r10
- (no CPE)range: < 2025.1.6-r8
- (no CPE)range: < 2025.2.4-r4
- (no CPE)range: < 2025.4.3-r5
- (no CPE)range: < 2026.0.2-r5
- (no CPE)range: < 2025.0.8-r12
- (no CPE)range: < 2025.1.6-r9
- (no CPE)range: < 2025.2.4-r5
- (no CPE)range: < 2025.4.3-r6
- (no CPE)range: < 2026.0.2-r6
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 1.17.3-r12
- (no CPE)range: < 1.18.2-r6
- (no CPE)range: < 1.18.2-r6
- (no CPE)range: < 1.19.11-r6
- (no CPE)range: < 1.19.11-r6
- (no CPE)range: < 1.20.2-r6
- (no CPE)range: < 1.21.1-r6
- (no CPE)range: < 1.21.1-r6
- (no CPE)range: < 1.22.1-r1
- (no CPE)range: < 1.22.1-r1
- (no CPE)range: < 1.17.3-r2
- (no CPE)range: < 1.17.3-r2
- (no CPE)range: < 1.18.2-r2
- (no CPE)range: < 1.18.2-r2
- (no CPE)range: < 1.19.11-r3
- (no CPE)range: < 1.19.11-r3
- (no CPE)range: < 1.20.2-r3
- (no CPE)range: < 1.20.2-r3
- (no CPE)range: < 1.21.1-r3
- (no CPE)range: < 1.21.1-r3
- (no CPE)range: < 1.22.1-r1
- (no CPE)range: < 1.22.1-r1
- (no CPE)range: < 0.12.0-r33
- (no CPE)range: < 4.14.0-r10
- (no CPE)range: < 8.19.14-r0
- (no CPE)range: < 8.19.14-r0
- (no CPE)range: < 8.19.14-r0
- (no CPE)range: < 9.0.8-r24
- (no CPE)range: < 9.0.8-r24
- (no CPE)range: < 9.0.8-r24
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.2.8-r0
- (no CPE)range: < 9.2.8-r0
- (no CPE)range: < 9.2.8-r0
- (no CPE)range: < 9.3.3-r0
- (no CPE)range: < 9.3.3-r0
- (no CPE)range: < 9.3.3-r0
- (no CPE)range: < 0.1.114-r0
- (no CPE)range: < 0.1.114-r0
- (no CPE)range: < 0.1.114-r1
- (no CPE)range: < 5.26.23-r1
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.5.0-r5
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.5.0-r5
- (no CPE)range: < 3.5.0-r5
- (no CPE)range: < 3.5.0-r5
- (no CPE)range: < 3.5.0-r5
- (no CPE)range: < 3.5.0-r5
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 1.4.0-r4
- (no CPE)range: < 1.4.0-r1
- (no CPE)range: < 3.5.28-r2
- (no CPE)range: < 2.6.0-r6
- (no CPE)range: < 3.5.8-r10
- (no CPE)range: < 3.5.8-r10
- (no CPE)range: < 4.0.2-r9
- (no CPE)range: < 4.1.1-r10
- (no CPE)range: < 3.5.8-r0
- (no CPE)range: < 3.5.8-r0
- (no CPE)range: < 4.1.1-r8
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r22
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.10.5-r10
- (no CPE)range: < 4.3.1-r4
- (no CPE)range: < 4.3.1-r4
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 13.9-r11
- (no CPE)range: < 4.14.4-r0
- (no CPE)range: < 4.14.4-r0
- (no CPE)range: < 4.14.4-r0
- (no CPE)range: < 4.14.4-r0
- (no CPE)range: < 39.0.1-r2
- (no CPE)range: < 39.0.1-r2
- (no CPE)range: < 3.6.1-r1
- (no CPE)range: < 3.6.1-r1
- (no CPE)range: < 0.27.0-r0
- (no CPE)range: < 2.53.0-r4
- (no CPE)range: < 4.2.1-r0
- (no CPE)range: < 3.2.0-r2
- (no CPE)range: < 0.5.4-r19
- (no CPE)range: < 36.0.0-r11
- (no CPE)range: < 12.5.0-r0
- (no CPE)range: < 15.2.6-r11
- (no CPE)range: < 16.0.8-r1
- (no CPE)range: < 16.1.2-r1
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 26.5.6-r2
- (no CPE)range: < 0.12.0-r33
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.1.10-r8
- (no CPE)range: < 9.2.8-r0
- (no CPE)range: < 9.2.8-r0
- (no CPE)range: < 9.2.8-r0
- (no CPE)range: < 9.3.3-r0
- (no CPE)range: < 9.3.3-r0
- (no CPE)range: < 9.3.3-r0
- (no CPE)range: < 0.1.114-r0
- (no CPE)range: < 0.1.114-r1
- (no CPE)range: < 5.26.23-r1
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 2.19.4-r13
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.5.0-r3
- (no CPE)range: < 3.6.0-r0
- (no CPE)range: < 3.5.8-r10
- (no CPE)range: < 3.5.8-r10
- (no CPE)range: < 4.0.2-r9
- (no CPE)range: < 4.1.1-r10
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r22
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.51.0-r6
- (no CPE)range: < 0.10.5-r10
- (no CPE)range: < 4.3.1-r4
- (no CPE)range: < 4.3.1-r4
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 480-r1
- (no CPE)range: < 13.9-r11
- (no CPE)range: < 39.0.1-r2
- (no CPE)range: < 39.0.1-r2
- (no CPE)range: < 3.6.1-r1
- (no CPE)range: < 3.6.1-r1
- (no CPE)range: < 4.1.132.Final
- (no CPE)range: < 4.1.132-150200.4.43.1
- (no CPE)range: < 4.1.132-1.1
- (no CPE)range: < 2.0.75-150200.3.36.1
- (no CPE)range: < 4.1.132-150200.4.43.1
- (no CPE)range: < 2.0.75-150200.3.36.1
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-pwqr-wmgm-9rr8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2026-33870ghsaADVISORY
- github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8ghsax_refsource_CONFIRMWEB
- w4ke.info/2025/06/18/funky-chunks.htmlghsax_refsource_MISCWEB
- w4ke.info/2025/10/29/funky-chunks-2.htmlghsax_refsource_MISCWEB
- www.rfc-editor.org/rfc/rfc9110ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.