jersey icon indicating copy to clipboard operation
jersey copied to clipboard
verified publisher icon eclipse-ee4j

Upgrading the versions of Netty, Jetty and Spring6

Open guptas6est opened this issue 2 months ago • 0 comments

Why: To remediate the following vulnerabilities in 3.0 branch:

Netty

CVE-2025-55163 CVE-2025-58056 CVE-2025-58057

Jetty

CVE-2025-5115

Spring 6

CVE-2024-38820 CVE-2025-22233 CVE-2025-41234 CVE-2025-41249

What: Upgraded the dependency versions

Netty - 4.1.122.Final -> 4.1.128.Final Jetty - 11.0.25 -> 11.0.26 Jetty 9 - 9.4.57.v20241219 -> 9.4.58.v20250814 Spring 6 - 6.0.23 -> 6.2.11

guptas6est avatar Oct 22 '25 12:10 guptas6est