Hi, there is a new CVE issue published on 18th of ...
# graphql-kotlins
sevil
02/28/2020, 10:50 AMHi, there is a new CVE issue published on 18th of February on io.netty dependencies. I just integrated graphql-kotlin to our backend project and started to get security warnings. More information for CVE https://snyk.io/vuln/SNYK-JAVA-ORGWSO2TRANSPORTHTTP-548944 . Any suggestion is appreciated.
sevil
02/28/2020, 11:05 AMThe dependency causing the problem added by org.springframework.bootspring boot starter reactor netty2.2.4.RELEASE which comes with org.springframework.bootspring boot starter webflux2.2.4.RELEASE
d
Dariusz Kuc
02/29/2020, 4:16 AMthanks for raising this
Dariusz Kuc
02/29/2020, 4:17 AMfix was released in 2.0.0-RC9.1
5 Views