Maven package
io.netty/netty-codec-smtp
pkg:maven/io.netty/netty-codec-smtp
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-59419 | Med | — | >= 4.2.0.Alpha1, < 4.2.7.Final | 4.2.7.Final | Oct 15, 2025 | Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\r) and Line Feed (\n) char |
- affected >= 4.2.0.Alpha1, < 4.2.7.Finalfixed 4.2.7.Final
Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\r) and Line Feed (\n) char