AWS Inspector reports HIGH finding with SNYK-JAVA-IONETTY-5725787 #34277
-
|
Dear comunity, since couple of months AWS reports MEDIUM level security finding related to io.netty:netty-handler and comming packed together with quarkus (currently using 2.16.6.Final). We kind of ignored it for long period as it was MEDIUM level. But since yesterday this finding was reported as HIGH and now is the time to tackle it. I was searching in internet if there are some quarkus related questions or posts, but I was not able to find it. Can someone help me with this finding (https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-5725787)? There are also other findings like:
Also wanted to ask, if there is an official quarkus page where quarkus team is reacting on such security findings? Thanks in advance! Regards, |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 2 replies
-
|
@adisnuhan It will be addressed by #34249, thanks |
Beta Was this translation helpful? Give feedback.
-
|
Hi @sberyozkin , will this fix only be part of quarkus 3.x or will also be integrated into 2.x version? |
Beta Was this translation helpful? Give feedback.
-
|
@adisnuhan I see Guillaume confirmed it in #34249 |
Beta Was this translation helpful? Give feedback.
-
Beta Was this translation helpful? Give feedback.
@adisnuhan It will be addressed by #34249, thanks