You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "Stephen Mallette (Jira)" <ji...@apache.org> on 2021/10/25 16:14:00 UTC
[jira] [Closed] (TINKERPOP-2632) Netty 4.1.61 flagged with two high
severity security violations
[ https://issues.apache.org/jira/browse/TINKERPOP-2632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stephen Mallette closed TINKERPOP-2632.
---------------------------------------
Fix Version/s: 3.5.2
3.4.13
3.6.0
Resolution: Done
Thanks for reporting this - I've bumped the versions:
https://github.com/apache/tinkerpop/commit/de6a61ab79dcae9adb85a6381dd01ad5aa8c7801
> Netty 4.1.61 flagged with two high severity security violations
> ---------------------------------------------------------------
>
> Key: TINKERPOP-2632
> URL: https://issues.apache.org/jira/browse/TINKERPOP-2632
> Project: TinkerPop
> Issue Type: Improvement
> Components: server
> Affects Versions: 3.4.12
> Reporter: Aaron Coady
> Assignee: Stephen Mallette
> Priority: Major
> Fix For: 3.6.0, 3.4.13, 3.5.2
>
>
> {color:#000000}Security scan software (twistlock) flagsĀ {color}netty-all-4.1.61.Final.jar with two high severity security violations.
> Here are links to the violations.
> [+https://nvd.nist.gov/vuln/detail/CVE-2021-37136+|https://nvd.nist.gov/vuln/detail/CVE-2021-37137]
> {color:#000000}[https://nvd.nist.gov/vuln/detail/CVE-2021-37137|http://example.com]{color}
> The scan report identifies that these issues are addressed in version 4.1.68
--
This message was sent by Atlassian Jira
(v8.3.4#803005)