Vulnerabilities

CVE-2026-33870

by Fred · 27/03/2026

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue.

More information : https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8

Similar

Tags: Cybersecurity Alert