Product

Netty-Codec (<= 4.1.132.Final)

1 brief RSS

Netty Lz4FrameDecoder Resource Exhaustion Vulnerability

Netty's Lz4FrameDecoder is vulnerable to resource exhaustion, where an attacker can cause excessive memory allocation by sending a small, crafted header, leading to a denial-of-service condition; this affects netty-codec-compression versions up to 4.2.12.Final and netty-codec versions up to 4.1.132.Final.

netty-codec-compression +1 resource-exhaustion denial-of-service netty

2r 1t 1h ago