[TINKERPOP-2632] Netty 4.1.61 flagged with two high severity security violations - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Done
Affects Version/s: 3.4.12
Fix Version/s: 3.6.0, 3.4.13, 3.5.2
Component/s: server
Labels:
None

Description

Security scan software (twistlock) flags netty-all-4.1.61.Final.jar with two high severity security violations.

Here are links to the violations.

https://nvd.nist.gov/vuln/detail/CVE-2021-37136

https://nvd.nist.gov/vuln/detail/CVE-2021-37137

The scan report identifies that these issues are addressed in version 4.1.68

Attachments

Activity

People

Assignee:: Stephen Mallette

Reporter:: Aaron Coady

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 25/Oct/21 13:54

Updated:: 25/Oct/21 16:13

Resolved:: 25/Oct/21 16:13