Details
-
Bug
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
3.7.0
-
None
-
None
Description
netty has reported a couple of CVEs regarding the usage of Bzip2Decoder and SnappyFrameDecoder.
Reference :
CVE-2021-37136 - https://github.com/netty/netty/security/advisories/GHSA-grg4-wf29-r9vv
CVE-2021-37137 - https://github.com/netty/netty/security/advisories/GHSA-9vjp-v76f-g363
Can we upgrade Netty to version 4.1.68.Final to fix this ?