VYPR

Maven package

io.netty/netty-codec-smtp

pkg:maven/io.netty/netty-codec-smtp

Vulnerabilities (1)

  • CVE-2025-59419MedOct 15, 2025
    affected >= 4.2.0.Alpha1, < 4.2.7.Finalfixed 4.2.7.Final

    Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.128.Final and 4.2.7.Final, the SMTP codec in Netty contains an SMTP command injection vulnerability due to insufficient input validation for Carriage Return (\r) and Line Feed (\n) char