Done
Details
Details
Assignee
Unassigned
UnassignedReporter
Julian Ladisch
Julian LadischPriority
P2Development Team
Vega
Release
Poppy (R2 2023) Bug Fix
RCA Group
Related dependency upgrade
TestRail: Cases
Open TestRail: Cases
TestRail: Runs
Open TestRail: Runs
Created November 2, 2023 at 11:21 AM
Updated March 21, 2024 at 1:59 PM
Resolved November 3, 2023 at 11:06 AM
Upgrade Vert.x from 4.3.5 to 4.4.6. This indirectly upgrades Netty from 4.1.85.Final to 4.1.100.Final fixing Denial of Service (DoS) and HTTP Response Splitting:
https://nvd.nist.gov/vuln/detail/CVE-2023-44487
https://nvd.nist.gov/vuln/detail/CVE-2022-41915
https://nvd.nist.gov/vuln/detail/CVE-2023-34462