You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What is your environment?
Ubuntu 20.04.3 (Azure pipelines)
PaloAltoNetworks' Prisma Cloud Scan shows some vulnerabilities in netty-codec.
The version 4.1.68.Final and later has not any high severity issues. And the 4.1.71.Final and later has none.
Closing as a duplicate of #8617 (yes, that is to upgrade to an older version of Netty, but our intention is to upgrade to 4.1.72; this can be re-opened if we don't end up upgrading to 4.1.72). Note that we recommend using grpc-netty-shaded is not vulnerable to the mentioned vulnerabilities.
When using grpc-netty, you are free to use newer versions of Netty, but recognize that regressions/incompatibilities are not as rare as we'd hope.
What version of gRPC-Java are you using?
https://github.com/grpc/grpc-java/releases/tag/v1.43.1
What is your environment?
Ubuntu 20.04.3 (Azure pipelines)
PaloAltoNetworks' Prisma Cloud Scan shows some vulnerabilities in netty-codec.
The version 4.1.68.Final and later has not any high severity issues. And the 4.1.71.Final and later has none.
Vulnerabilities fixed in 4.1.68.Final: https://snyk.io/vuln/maven:io.netty%3Anetty-codec
Vulnerability fixed in 4.1.71.Final: https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-2314893
The text was updated successfully, but these errors were encountered: