Netty is an asynchronous, event-driven network application framework for developing maintainable, high-performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts a standalone line feed (LF) as the terminator of a chunk-size line, whether or not it is preceded by a carriage return (CR), instead of requiring CRLF as the HTTP/1.1 standard does. When Netty sits behind a reverse proxy that parses a bare LF differently (treating it as part of the chunk extension), the two parsers disagree on where the chunk-size line ends, so attackers can craft requests that the proxy sees as one request but Netty processes as two, enabling request smuggling attacks. This is fixed in versions 4.1.125.Final and 4.2.5.Final.
{ "vanir_signatures": [ { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java", "function": "readHeaders" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-0b011842", "digest": { "length": 2090.0, "function_hash": "251018223254759466487166298603222625983" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/MultipleContentLengthHeadersTest.java" }, "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-0e9241f0", "digest": { "threshold": 0.9, "line_hashes": [ "322379735956540057788461092791401418878", "53865431242222262355039785002379299273", "223175812255958809732596096659341628120", "23072233483736939940558172147057873203", "231165835578817635125623883647223368253", "104590656562394206470715061705325722824", "255204949513119670364796354316146077014", "230356185243323609185539032663622515298", "62423538923453666273286901424635733312", "285148617732686332170504926634535018678", "263936161210819305545537672247297999734", "223208309700101269605744290951680689119", "263400823606196167913752647080128794862", "317253067155473523416727966986001923244", "328872122099335299480533583529938301203", "135143765615467592630711745095606625605", "226071937504804299716356714609871612772", "147330202019367336859333041560011759440", "300366790547069911541042300186309833211", "114198410803283568442994251644718381579", "232391201324796794677786856457507202401", "241497948995203086604072417492826213055" ] } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java", "function": 
"testDecodeWholeRequestAtOnce" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-0f70430b", "digest": { "length": 102.0, "function_hash": "305762003019394324552539756913993916035" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java", "function": "readTrailingHeaders" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-2421c749", "digest": { "length": 1323.0, "function_hash": "74235108055175765357853180090932912071" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java", "function": "HttpObjectDecoder" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-3f39d358", "digest": { "length": 588.0, "function_hash": "4469842379076714608733009651404727748" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java", "function": "testDecodeWholeRequestAtOnce" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-54506f8c", "digest": { "length": 695.0, "function_hash": "308999840692277717064839917078441911127" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/MultipleContentLengthHeadersTest.java", "function": "newChannel" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-547fb7f2", "digest": { "length": 237.0, "function_hash": "23801202541915459260241253866910083561" } }, { 
"source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java", "function": "testNulInInitialLine" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-6257a2ca", "digest": { "length": 86.0, "function_hash": "193362696599798466301541736481893819526" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java", "function": "testChunkSizeOverflow2" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-6a21ba59", "digest": { "length": 541.0, "function_hash": "332660639060379825275766084343464274316" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java", "function": "testDecodeWholeRequestInMultipleSteps" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-6a7ba1b4", "digest": { "length": 1071.0, "function_hash": "162791014783811951971962851928739814526" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java", "function": "parse" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-744f3515", "digest": { "length": 976.0, "function_hash": "50820505051733837196152014835727772417" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java", "function": "parse" }, "signature_type": 
"Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-81405eb7", "digest": { "length": 328.0, "function_hash": "51834814077072961461178111154175015289" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java" }, "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-84d92c05", "digest": { "threshold": 0.9, "line_hashes": [ "156445803076250393519875526411532019827", "158536850411380988180926567569456844422", "1308609975068488523898063209425653953", "228930241105896236880567980560570613252", "236297297265651299251771683005596510612", "249517808983004213683818772566714034314", "161476512050763059322307794002931000338", "309267290167731798891566222911432717271", "272572276402550633379073612425309097138", "87560039931772290876191837156635426982", "109417018907521919259599026526518664497", "306252784887182585986444221695417657393", "137399831341387472194631559508603952915", "199154146172811520860911029753014407101", "34690824908669572642142243150695116", "122366418961138492840566936925576461999", "288897988205666448032691998698559475877", "160036274038261410019243868127299574371", "295372008766365800277896764242771541873", "168456460444859074612602109144226823425", "151822770998543372674194207260489864994", "48840291168162151098604800388959826538", "314164299786873777400401779238834100515", "57358179384437610874506460300190796409", "168456460444859074612602109144226823425", "26568358533427394277052771265567779652", "188850502361477418178721597005475622519", "61411556106605453469643164231107781", "177945897187607152242035671400893674778", "250609488637760976291327589240506292256", "155197263732551183750724334068503496760", "243919411020525055174538257188834483910", "154994723899875024919890591988876636544", "321845335510618602044899654668760179972", 
"320900110174913096061610220677208582424", "28695094952188108418284362914996171393", "199013378049234268305531716368706902818", "143881886972053463797395173534597887936", "135446178395829746425430438861986554523", "318619104458363811800740717846403469058", "33541174625601197999850123353573692533", "232921811198334722785263956686337496697", "123432227892148104489582697070740218780", "17516138680351370254931220310634867796", "155828967861933894427821352639972084037", "138747961668704377946756245211755481835", "266553581778676188246233945998423228270", "106905691888266419125967852354242704403", "33541174625601197999850123353573692533", "232921811198334722785263956686337496697", "134439159784406942510506658994636848609", "162978012135590585693529800831446965114", "155828967861933894427821352639972084037", "138747961668704377946756245211755481835", "91092929085897606263556578232415885824", "53363347260915404777952616921598799761", "24411827928373051613316319102641638129", "293700718369569352985773037736353534220", "143554674366099765137901370733896688285", "116871855458034452254058494397245363116", "289598272648705751561952245923378952260", "183798293071405235556243573693984844533", "160285012120702176538284986209742279754", "109956170095706987766658913966204573595", "13719372244766483431266607650795480873", "2548144362082050814639024622093650437", "322044873064457899915564495694826166855", "132480780905724098910884736480868070281", "234490867356393386307783854743916131142", "147366457984469642854380282496953727233", "209552305280015310879698726581752558495", "223510450975607218159861943082336790238", "159359754513197396841780122990661998056", "217988890701466924395825909040375949292", "233857958334571710355022485657449322981", "168205607580587627062499781284349664631" ] } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpDecoderConfig.java" }, 
"signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-8567ccdc", "digest": { "threshold": 0.9, "line_hashes": [ "339789412890212335606997091229682271338", "77458624631448566341447616247613656685", "330710899619846815892194584225357216672", "323571036203647370332199158213804545514", "154648494366650666018356092076607083146", "139320517003318057220573812042976952190", "274869013307425377754916518054697710985" ] } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java", "function": "testDecodeWholeRequestAtOnceMixedDelimitersWithIntegerOverflowOnMaxBodySize" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-97964a24", "digest": { "length": 150.0, "function_hash": "294740973774387598227323331083162260083" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/main/java/io/netty/handler/codec/http/HttpObjectDecoder.java", "function": "decode" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-c9ff3d4a", "digest": { "length": 3697.0, "function_hash": "192407798279316424074979789057486749722" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java" }, "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-d74e51ae", "digest": { "threshold": 0.9, "line_hashes": [ "280399892313263038928437381704309328432", "285211351878746072502980234306842323812", "68476561891455988330094632479314480356", "280997366137191039485793165446371489307", "231945918163371508513191850665767632093", "33223978762007943713740779937068453933", 
"143955376010854968739449486412540791933", "315609658562110439481877800429443971032", "322206040537896997227275199933348883026", "44634895460546487874984128435754957521", "149094420655927798903834492760563348444", "135680989819451196783923563467459916034", "20672691404938130111696984585075872390", "295920163617250612127606155044861840738", "252621195333288743049986757822983993300", "251993485999943126387529309620681046690", "276969333006178838240481996159879057421", "204112894441517834275592181220037632668", "142964452056969667077202525371459667", "151558392495678697520218367281367469209", "78703398336820020978599382204496260361", "220993511890295868611978854946453318576", "188545416188820585321659746030936400148", "319826656020758125828761049570334449616", "219365012241241288021182868595279540696", "208658568746609267832642620928991551106", "306015824392553521776620277217233456359", "233917389570071217150765397929613430263", "326212472640155355429480105573606800312", "34387866672483328325688295309803903755", "37578277340716532043153441846696242792", "207375722690958449000637861088236124921", "132372704425679616528841411466745220195", "157237853009920139240698956446998720973", "17065505868488138495319363110500263726", "197679169748875800092637250731150892498", "305110208784591212460671105592286927258", "279656446907126534429263582475113420154", "95549882409490917422827753450087302922", "24909544021666588013259166327080424295", "22324785749672065711236493958076609580", "86140882433977187068949513412852320688", "2043072853044974808860423612510899607", "212344979556113456305672491198769831106", "331428408412485978764293009544297989230", "304100040759788813891771914779366395879", "175242284833840901864644020931653899214", "111778661950209999905463991635475650636", "161410523350994143990158406490979100313", "240447217749169004353485840535221441696", "211637029980615870787538625712756791640", "76904486599472439573650466812162706598", 
"289048744610411896793984148097434443363", "35142878565265724801595053306721447973", "239455500865048213493153045691209238890", "121439256898036801101754508506583672024", "204385824455947743457226002375656171366", "320487193148630357491219046281698102791", "166992621542134143464463425025586340156", "227352809978818332893251058085496382241", "305962143950366191262312523455790980407", "304160023449100572094976066995645745528", "107912533259421021531131968257716935216", "49891991908027306640596366021884672132", "94389430374586382543131319286188535194", "192601481855415147318214651093275468822", "64560219127515361090723626379066155326", "304627681438467474667591642506348069704", "123757159042370706215667808465306329210" ] } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java" }, "signature_type": "Line", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-e458acd2", "digest": { "threshold": 0.9, "line_hashes": [ "154211216216454501152306682145017633550", "337526408093208329708761866175425522415", "172841699807224795855293559630112869299", "247317634884121870863651090550414392635", "29745584019976731475021836779928682021", "134401955494517374727980644200235224196", "33555171829241007521966015144879394683", "215004521056330611558856127286229377957", "178153786238862360188719239694670317784", "19600383928020038147410650024191702340", "8599171002467414534498188348194507057", "76808440076137762731307278965628875063", "130696313815135626032661744047325450845", "218399824510849364751418412781064202152", "292768956474873029435652240080166828329", "241391440314825960001490618051975179884", "225207574707961722438359574712496497608", "1890569767538571624536840927039055185", "46684331651417180200371336526699854429" ] } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", 
"target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpRequestDecoderTest.java", "function": "testDecodeWholeRequestInMultipleSteps" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-e57dab1e", "digest": { "length": 119.0, "function_hash": "263064045304229061075923349080336701162" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/MultipleContentLengthHeadersTest.java", "function": "testDanglingComma" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-e7f4b377", "digest": { "length": 332.0, "function_hash": "196221949872697499988180356516355013061" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java", "function": "testWhitespace" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-f28235c4", "digest": { "length": 581.0, "function_hash": "260429704418017985027803116300092466791" } }, { "source": "https://github.com/netty/netty/commit/edb55fd8e0a3bcbd85881e423464f585183d1284", "target": { "file": "codec-http/src/test/java/io/netty/handler/codec/http/HttpResponseDecoderTest.java", "function": "testInvalidVersion" }, "signature_type": "Function", "deprecated": false, "signature_version": "v1", "id": "CVE-2025-58056-fa4fe25d", "digest": { "length": 144.0, "function_hash": "93860556539798516319875259699056325919" } } ] }