[ https://issues.apache.org/jira/browse/CASSANDRA-15590?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17040131#comment-17040131 ]
Mark Denihan commented on CASSANDRA-15590: ------------------------------------------ The highest CVSS score of these issues is 9.1 / Critical. How soon can netty be updated? > Upgrade io.netty_netty-all dependency to fix security vulnerabilities > --------------------------------------------------------------------- > > Key: CASSANDRA-15590 > URL: https://issues.apache.org/jira/browse/CASSANDRA-15590 > Project: Cassandra > Issue Type: Task > Components: Dependencies > Reporter: Vishwas Vijaya Kumar > Priority: Normal > > Upgrade io.netty_netty-all dependency to fix the following CVEs: > * > [CVE-2019-20444|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20444] > * > [CVE-2019-20445|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20445] > * > [CVE-2019-16869|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16869] -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org