{"id":"ROOT-APP-MAVEN-CVE-2026-33871","summary":"CVE-2026-33871 in io.root.io.netty:netty-codec-http2 - Patched by Root","details":"Root has patched CVE-2026-33871 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available.","modified":"2026-04-08T18:32:43.668161Z","published":"2026-04-08T12:06:13Z","upstream":["CVE-2026-33871"],"database_specific":{"source":"Root","distro":"maven","distro_version":""},"affected":[{"package":{"name":"io.root.io.netty:netty-codec-http2","ecosystem":"Root:Maven"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.1.126.Final-root.io.3"},{"fixed":"4.1.118.Final-root.io.4"},{"fixed":"4.1.126.Final-root.io.4"},{"fixed":"4.1.118.Final-root.io.8"},{"fixed":"4.1.108.Final-root.io.1"},{"fixed":"4.1.126.Final-root.io.9"},{"fixed":"4.1.108.Final-root.io.2"},{"fixed":"4.1.118.Final-root.io.11"}]}],"database_specific":{"total_fixed_versions":8,"source":"https://api.root.io/external/osv/ROOT-APP-MAVEN-CVE-2026-33871.json","root_patch_version":"root.io.11","all_fixed_versions":["4.1.126.Final-root.io.3","4.1.118.Final-root.io.4","4.1.126.Final-root.io.4","4.1.118.Final-root.io.8","4.1.108.Final-root.io.1","4.1.126.Final-root.io.9","4.1.108.Final-root.io.2","4.1.118.Final-root.io.11"],"upstream_version":"4.1.118.Final","root_patched":true}}],"schema_version":"1.7.5"}