[jira] [Closed] (TINKERPOP-2883) Vulnerability in Netty libraries

Jim Foscue (Jira) Thu, 09 Mar 2023 12:34:07 -0800


     [ 
https://issues.apache.org/jira/browse/TINKERPOP-2883?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jim Foscue closed TINKERPOP-2883.
---------------------------------
    Resolution: Not A Problem

> Vulnerability in Netty libraries
> --------------------------------
>
>                 Key: TINKERPOP-2883
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2883
>             Project: TinkerPop
>          Issue Type: Improvement
>    Affects Versions: 3.6.2
>            Reporter: Jim Foscue
>            Priority: Major
>              Labels: Ironbank
>
> Vulnerability in netty-3.9.9
> Need to update to netty libraries to greater than 4.1.44
> https://nvd.nist.gov/vuln/detail/CVE-2019-20445
> HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header 
> to be accompanied by a second Content-Length header, or by a 
> Transfer-Encoding header.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Closed] (TINKERPOP-2883) Vulnerability in Netty libraries

Reply via email to