Skip to content

Commit 8b34372

Browse files
committed
Bump reactor-netty-http to 1.2.18 to remediate CVE-2026-41715
1 parent 8d1ddf1 commit 8b34372

1 file changed

Lines changed: 7 additions & 0 deletions

File tree

pom.xml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,7 @@
5858
<jackson.version>2.21.2</jackson.version>
5959
<snakeyaml.version>2.0</snakeyaml.version>
6060
<netty.version>4.1.135.Final</netty.version>
61+
<reactor-netty-http.version>1.2.18</reactor-netty-http.version>
6162
</properties>
6263
<modules>
6364
<module>streaming-ai</module>
@@ -251,6 +252,12 @@
251252
<artifactId>netty-transport-native-unix-common</artifactId>
252253
<version>${netty.version}</version>
253254
</dependency>
255+
<!-- Override transitive dependency version to fix vulnerability -->
256+
<dependency>
257+
<groupId>io.projectreactor.netty</groupId>
258+
<artifactId>reactor-netty-http</artifactId>
259+
<version>${reactor-netty-http.version}</version>
260+
</dependency>
254261
</dependencies>
255262
</dependencyManagement>
256263
<build>

0 commit comments

Comments
 (0)