Security vulnerability for Netty Project netty-4.1.53.Final

Hi,

As per NVD, the netty-4.1.53.Final version present in readonlyrest-1.26.1_es7.10.0.zip is vulnerable.

Vulnerability Links are as follows:

  1. NVD - CVE-2021-21290
  2. NVD - CVE-2021-21409

Please look into this.

Hi @Aditi

Please check out our changelog: Download - ReadonlyREST
IMO it’s fixed. Could you please upgrade ROR to the newest version and let us know that you confirm the vulnerabilities are not there any more?

Hi @coutoPL

Sure I will check this again with latest version of ROR. Thanks!