guptas6est
guptas6est
**Why**: To remediate the following vulnerabilities in 3.0 branch: **Netty** [CVE-2025-55163](https://nvd.nist.gov/vuln/detail/CVE-2025-55163) [CVE-2025-58056](https://nvd.nist.gov/vuln/detail/CVE-2025-58056) [CVE-2025-58057](https://nvd.nist.gov/vuln/detail/CVE-2025-58057) **Jetty** [CVE-2025-5115](https://nvd.nist.gov/vuln/detail/CVE-2025-5115) **Spring 6** [CVE-2024-38820](https://nvd.nist.gov/vuln/detail/CVE-2024-38820) [CVE-2025-22233](https://nvd.nist.gov/vuln/detail/CVE-2025-22233) [CVE-2025-41234](https://nvd.nist.gov/vuln/detail/CVE-2025-41234) [CVE-2025-41249](https://nvd.nist.gov/vuln/detail/CVE-2025-41249) **What**: Upgraded the dependency versions Netty - 4.1.122.Final ->...
## Summary This PR upgrades Apache Doxia dependencies to version **2.0.0** to remediate several security vulnerabilities and improve the robustness of site report generation. ## Fixed CVEs - [CVE-2025-48924](https://nvd.nist.gov/vuln/detail/CVE-2025-48924) -...
Fixes #xyz Main Issue: #xyz PIP: #xyz ### Motivation This PR removes the transitive dependency reactor-netty-http from the Azure Data Explorer module. The module was bringing in io.projectreactor.netty classes that...
Upgraded Jetty from 9.4.57.v20241219 to 9.4.58.v20250814 and Netty from 4.1.127.Final to 4.1.128.Final
### Summary This PR upgrades the Guava dependency in `zookeeper-contrib-zooinspector` from `30.0-jre` to `32.1.3-jre`. ### Motivation The upgrade addresses the following known vulnerabilities: - **CVE-2023-2976**: Insecure temporary directory creation -...
**Summary** Multiple publicly disclosed CVEs affect io.undertow:undertow-core as used across the Keycloak test modules. These issues are resolved in newer Undertow releases. **What This PR Does** - Introduces a local...
### Description ### Summary Multiple publicly disclosed CVEs affect `io.undertow:undertow-core` as used in Keycloak test modules. These vulnerabilities are already fixed upstream in newer Undertow releases. --- ### Affected Dependency...