io.netty:netty-transport-native-epoll
Maven2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting io.netty:netty-transport-native-epollpage 1 of 1
- CVE-2026-42577HIGHCVSS 7.5EG 7.5✓ Fixed in 4.2.13.Final2026-05-13
vulnerable: 4.2.0.Final ... 4.2.9.Final (13 versions)
Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channel…
- CVE-2026-45536MEDIUMCVSS 4.0EG 4.0✓ Fixed in 4.1.135.Final2026-06-08
vulnerable: 4.0.16.Final ... 4.1.99.Final (191 versions)
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, netty_unix_socket_recvFd sets msg_control to `char control[CMSG_SPACE(sizeof(int))]` (line 940) —…
Check whether io.netty:netty-transport-native-epoll is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for io.netty:netty-transport-native-epoll CVEs against the assets you own.
Start Free Scan →