io.netty:netty-codec-compression (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package io.netty:netty-codec-compression, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2025-58057 — CVSS 7.5 (high): Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers…
CVE-2026-42583 — CVSS 7.5 (high): Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a…