[GHSA-rwm7-x88c-3g2p] Netty epoll transport denial of service via RST on half-closed TCP connection

[mpenttila]

Updates

• Affected products

Comments
4.1.x is not vulnerable per netty/netty#16689

[github]

Hi there @chrisvest! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory

[Copilot]

Pull request overview

Updates the affected version range for GHSA-rwm7-x88c-3g2p (Netty epoll transport DoS on RST after half-close) to reflect that the issue starts in the 4.2.x line, aligning the machine-readable OSV range with the advisory’s notes that 4.1.x is not vulnerable.

Changes:

• Adjusted the affected version range start from introduced: "0" to introduced: "4.2".
• Kept the existing fix version boundary (fixed: "4.2.13.Final") unchanged.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.