Giters

Tencent / TubeMQ

TubeMQ has been donated to the Apache Software Foundation and renamed to InLong, please visit the new Apache repository: https://github.com/apache/incubator-inlong

Home Page:https://inlong.apache.org/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

There is a vulnerability in netty 3.8.0.Final,upgrade recommended

QiAnXinCodeSafe opened this issue · comments

commented

TubeMQ/pom.xml

Lines 223 to 225 in dc64162

<groupId>io.netty</groupId>
<artifactId>netty</artifactId>
<version>3.8.0.Final</version>

CVE-2019-20444 CVE-2019-20445 CVE-2019-16869

Recommended upgrade version:4.1.51.Final

commented

Same error comming with me