search

sermant-io / Sermant

A Cloud-Native Proxyless Service Mesh based on Java Bytecode Enhancement Technology
https://sermant.io/
Apache License 2.0
1.21k stars 159 forks source link

Upgrading Open-Source Software Versions #1637

Open hanbingleixue opened 2 days ago

hanbingleixue commented 2 days ago

What would you like to be enhanced?

update component version to resolve security vulnerabilities

Why is this needed?

Component Version CVE
netty 4.1.100.final CVE-2024-29025
simpleclient_common 0.15.0 CVE-2022-22965
tomcat-embed-el 9.0.86 CVE-2024-34750
tomcat-annotations-api 9.0.86 CVE-2024-34750
Issues-translate-bot commented 2 days ago

Detect the issue's language is not English and translate it automatically.

Title: Fix Open-Source Software Vulnerabilities