From b1209bc0041bd9d0196f0f3762dd1d88d79ad87d Mon Sep 17 00:00:00 2001
From: nithy1603 <67348894+nithy1603@users.noreply.github.com>
Date: Wed, 8 Oct 2025 12:32:58 -0700
Subject: [PATCH 1/2] Fix CVE-2025-55163 & GHSA-xpw8-rcwv-8f8p
Vulnerabilities
===============
CVE Severity CVSS CVE Introduced From Package Package Version Fixed In Version Grace period ends on
--- -------- ---- --------------------------- --------------- ---------------- --------------------
CVE-2025-55163 high 8.2 io.netty:netty-codec-http2 4.1.86.Final 4.1.124 NA
GHSA-xpw8-rcwv-8f8p high 7.5 io.netty:netty-codec-http2 4.1.86.Final 4.1.100 NA
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 05d663ac9..898559336 100644
--- a/pom.xml
+++ b/pom.xml
@@ -57,7 +57,7 @@
2.0.6
2.14.2
2.3
- 4.1.89.Final
+ 4.1.124
4.4.1
1.72
From b1022fa7bc8327b3b83c2221f5b822a6c5c4ab7f Mon Sep 17 00:00:00 2001
From: nithy1603 <67348894+nithy1603@users.noreply.github.com>
Date: Wed, 8 Oct 2025 13:11:51 -0700
Subject: [PATCH 2/2] Update pom.xml
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 898559336..97e342151 100644
--- a/pom.xml
+++ b/pom.xml
@@ -563,7 +563,7 @@
org.yaml
snakeyaml
- 1.33
+ 2.0