Vulnerability disclosed in Netty

Issue date: 04-04-2022
Affects versions: 14.7, 13.4, 12.6

Security Issue ID

SECURITY-282

Affected Product Version(s)

14.7.1, 13.4.12, 12.6.22 and previous releases.

Severity

Low

Description

CVE-2021-43797

Netty is used indirectly as part of a migration tool for data generated by the relevance module implementation in version 10 of brXM. This tool is not active in normal production use of brXM, and therefore we consider this report to be a false positive. Nonetheless, we have updated this dependency to the latest version as part of the latest maintenance releases of brXM.

Instructions

Customers are recommended to upgrade to the latest version. As of the time of writing, 14.7.5, 13.4.16, or 12.6.25.

Get Started

Build a Website

Relevance Trail

Feed an AngularJS App

Understand Hippo

Implement Hippo

Extend Hippo

Integrate Hippo

Run Hippo

Upgrade Hippo

Develop Hippo

Use Hippo

Report an Issue

Bloomreach Documentation version

Vulnerability disclosed in Netty