Skip to content

fix: resolve SNYK-JAVA-IONETTY-16438929 netty-codec-http2 vulnerability#367

Merged
sr4850 merged 1 commit into
mainfrom
fix/bump-netty-codec-http2-vulnerability
May 7, 2026
Merged

fix: resolve SNYK-JAVA-IONETTY-16438929 netty-codec-http2 vulnerability#367
sr4850 merged 1 commit into
mainfrom
fix/bump-netty-codec-http2-vulnerability

Conversation

@sr4850

@sr4850 sr4850 commented May 7, 2026

Copy link
Copy Markdown
Contributor

Bumps netty to 4.2.13.Final via dependency management to fix Improper Handling of Highly Compressed Data (Data Amplification) in io.netty:netty-codec-http2@4.1.132.Final introduced transitively by software.amazon.awssdk:batch@2.44.3.

Ref: https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-16438929

Description

Related issue: JIRA_TICKET_NUMBER

Before submitting (or marking as "ready for review")

  • Does the pull request title follow the conventional commit specification?
  • Have you performed a self-review of the code
  • Have you have added tests that prove the fix or feature is effective and working
  • Did you make sure to update any documentation relating to this change?

@sr4850
fix: resolve SNYK-JAVA-IONETTY-16438929 netty-codec-http2 vulnerability
0820e30 
Bumps netty to 4.2.13.Final via dependency management to fix
Improper Handling of Highly Compressed Data (Data Amplification)
in io.netty:netty-codec-http2@4.1.132.Final introduced transitively
by software.amazon.awssdk:batch@2.44.3.

Ref: https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-16438929

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@sr4850 sr4850 merged commit 270b487 into main May 7, 2026
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fibble fibble fibble approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sr4850 @fibble