search

sermant-io / Sermant

CNCF sandbox project, a Cloud-Native Proxyless Service Mesh based on Java Bytecode Enhancement Technology
https://sermant.io/
Apache License 2.0
1.25k stars 164 forks source link

Upgrading Open-Source Software Versions #1637

Closed hanbingleixue closed 1 month ago

hanbingleixue commented 1 month ago

What would you like to be enhanced?

update component version to resolve security vulnerabilities

Why is this needed?

Component Version CVE
netty 4.1.100.final CVE-2024-29025
simpleclient_common 0.15.0 CVE-2022-22965
tomcat-embed-el 9.0.86 CVE-2024-34750
tomcat-annotations-api 9.0.86 CVE-2024-34750
Issues-translate-bot commented 1 month ago

Detect the issue's language is not English and translate it automatically.

Title: Fix Open-Source Software Vulnerabilities