CVE-2024-22201 on http2-common 9.4.51 version - autoclosed

Question

CVE-2024-22201 on http2-common 9.4.51 version - autoclosed

samawarad opened this issue a month ago · comments

Hi Team,

Upgrade version for CVE-2024-22201 on http2-common 9.4.51 version is available on http2-common 9.4.54

Application is deployed on Jetty 9.4.51, jdk 11 and http2-common 9.4.51 version. Can we use http2-common 9.4.54 on Jetty 9.4.51 ?

Kindly suggest.

Thanks,

mend-for-github-com · Answer 1 · Fri May 03 2024 03:44:10 GMT+0800 (China Standard Time)

✔️ This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.