Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4755

Handle Netty CVE-2023-4586

    XMLWordPrintableJSON

Details

    Description

      The dependency-check:check... check currently fails with the following:

      [ERROR] netty-handler-4.1.94.Final.jar: CVE-2023-4586(6.5)

      According to https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4586 , CVE-2023-4586 is reserved. No fix or additional information is available as of the creation of this ticket.

      We have to:

      1. Temporarily suppress the check;
      2. Monitor CVE-2023-4586 and apply the remediation as soon as it becomes available.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #2075

          Activity

            People

              ztzg Damien Diederen
              ztzg Damien Diederen
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h