search

ballerina-platform / ballerina-library

The Ballerina Library
https://ballerina.io/learn/api-docs/ballerina/
Apache License 2.0
136 stars 64 forks source link

Address security vulnerability: `CVE-2024-47535` #7358

Closed TharmiganK closed 3 days ago

TharmiganK commented 1 week ago

Description

Need to address the above vulnerability related to the io.netty:netty-common.

Library Vulnerability Severity Status Installed Version Fixed Version Title
io.netty:netty-common (netty-common-4.1.108.Final.jar) CVE-2024-47535 HIGH fixed 4.1.108.Final 4.1.115.final Denial of Service attack on windows app using netty

The following packages should be updated with the fixed version:

Version

Ballerina SwanLake Update - 11

TharmiganK commented 3 days ago

Reopening this since we need to address this in Update 10 branches