[
https://issues.apache.org/jira/browse/CASSANDRA-18812?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17760806#comment-17760806
]
Stefan Miklosovic edited comment on CASSANDRA-18812 at 8/31/23 9:06 AM:
------------------------------------------------------------------------
[https://ossindex.sonatype.org/vulnerability/CVE-2023-4586?component-type=maven&component-name=io.netty%2Fnetty-handler&utm_source=dependency-check&utm_medium=integration&utm_content=8.3.1]
This is interesting:
https://github.com/netty/netty/issues/9930#issuecomment-572196335
was (Author: smiklosovic):
[https://ossindex.sonatype.org/vulnerability/CVE-2023-4586?component-type=maven&component-name=io.netty%2Fnetty-handler&utm_source=dependency-check&utm_medium=integration&utm_content=8.3.1]
This is interesting:
https://github.com/netty/netty/issues/9930#issuecomment-572578899
So ... probably not a big deal.
> Investigate and fix CVE-2023-4586
> ---------------------------------
>
> Key: CASSANDRA-18812
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18812
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Stefan Miklosovic
> Priority: Normal
> Fix For: 5.x
>
> Attachments: dependency-check-report.html
>
>
> CVE-2023-4586 was found by dependency checker on 5.0 / trunk for Netty 4.1.96.
>
> HTML report is attached.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
