VDB
GHSA-w9fj-cfpg-grvv
GHSA-w9fj-cfpg-grvv
PUBLISHED
CVSS 8.699999809265137 HIGH
Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Maven | io.netty:netty-codec-http2 | 0, 4.2.0.Alpha1, 0 |
Timeline
- Mar 26, 2026 CVE Published
- Mar 27, 2026 CVE Updated
- Apr 9, 2026 Security Advisory