VYPR

Maven package

io.netty/netty-handler-proxy

pkg:maven/io.netty/netty-handler-proxy

Vulnerabilities (1)

  • CVE-2026-42578HigMay 13, 2026
    affected < 4.1.133.Finalfixed 4.1.133.Final

    Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage() method creates headers using DefaultHttpHea