You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tinkerpop.apache.org by "Aaron Coady (Jira)" <ji...@apache.org> on 2021/10/25 13:56:00 UTC

[jira] [Updated] (TINKERPOP-2632) Netty 4.1.61 flagged with two high severity security violations

     [ https://issues.apache.org/jira/browse/TINKERPOP-2632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Aaron Coady updated TINKERPOP-2632:
-----------------------------------
    Description: 
{color:#000000}Security scan software (twistlock) flags {color}netty-all-4.1.61.Final.jar with two high severity security violations.

Here are links to the violations.

[+https://nvd.nist.gov/vuln/detail/CVE-2021-37136+|https://nvd.nist.gov/vuln/detail/CVE-2021-37137]

{color:#000000}[https://nvd.nist.gov/vuln/detail/CVE-2021-37137|http://example.com]{color}

The scan report identifies that these issues are addressed in version 4.1.68

  was:
{color:#000000}Security scan software (twistlock) flags {color}netty-all-4.1.61.Final.jar with two high severity security violations.

Here are links to the violations.

[+https://nvd.nist.gov/vuln/detail/CVE-2021-37136+|https://nvd.nist.gov/vuln/detail/CVE-2021-37137]

{color:#000000}[+https://nvd.nist.gov/vuln/detail/CVE-2021-37137+]{color}

The scan report identifies that these issues are addressed in version 4.1.68


> Netty 4.1.61 flagged with two high severity security violations
> ---------------------------------------------------------------
>
>                 Key: TINKERPOP-2632
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2632
>             Project: TinkerPop
>          Issue Type: Improvement
>          Components: server
>    Affects Versions: 3.5.0, 3.5.1
>            Reporter: Aaron Coady
>            Priority: Major
>
> {color:#000000}Security scan software (twistlock) flags {color}netty-all-4.1.61.Final.jar with two high severity security violations.
> Here are links to the violations.
> [+https://nvd.nist.gov/vuln/detail/CVE-2021-37136+|https://nvd.nist.gov/vuln/detail/CVE-2021-37137]
> {color:#000000}[https://nvd.nist.gov/vuln/detail/CVE-2021-37137|http://example.com]{color}
> The scan report identifies that these issues are addressed in version 4.1.68



--
This message was sent by Atlassian Jira
(v8.3.4#803005)