Skip to content

Commit d8d9cda

Browse files
vivekk16vivekk16
authored
[Cherry-pick][RHOAIENG-32580] Fix CVE-2025-55163 (#98) (#100)
Netty is vulnerable to a MadeYouReset HTTP/2 DDoS attack. Malformed control frames can bypass the max concurrent streams limit, leading to resource exhaustion and a denial of service. Signed-off-by: Vivek Karunai Kiri Ragavan <[email protected]>
1 parent dd204de commit d8d9cda

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

pom.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,7 @@
5858
<jenkins-build-tag>${env.BUILD_TAG}</jenkins-build-tag> <!-- set by jenkins -->
5959

6060
<grpc-version>1.63.2</grpc-version>
61-
<netty-version>4.1.118.Final</netty-version>
61+
<netty-version>4.1.124.Final</netty-version>
6262
<litelinks-version>1.7.2</litelinks-version>
6363
<kv-utils-version>0.5.1</kv-utils-version>
6464
<etcd-java-version>0.0.24</etcd-java-version>

0 commit comments

Comments
 (0)