chore(deps): update dependency io.netty:netty-codec-http to v4.1.125.final (main) #285
Mend for GitHub.com / WhiteSource Security Check
failed
Jan 28, 2026 in 1m 41s
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Exploit Maturity | EPSS | Vulnerable Library | Direct Library | Suggested Fix | Issue | Reachability |
|---|---|---|---|---|---|---|---|---|---|
CVE-2025-67735Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/io.netty/netty-codec-http/4.1.125.Final/e5c04e7e7885890cf03085cac4fdf837e73ef8ab/netty-codec-http-4.1.125.Final.jar Dependency Hierarchy: -> ❌ netty-codec-http-4.1.125.Final.jar (Vulnerable Library) |
 Medium |
6.5 | Not Defined | 0.0% | Direct netty-codec-http-4.1.125.Final.jar |
netty-codec-http-4.1.125.Final.jar | https://github.com/netty/netty.git - netty-4.2.8.Final,https://github.com/netty/netty.git - netty-4.1.129.Final | None |
|
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2025-27820 | httpclient5-5.4.1.jar |
| CVE-2024-6763 | jetty-http-11.0.24.jar |
| CVE-2024-47554 | commons-io-2.11.0.jar |
| CVE-2025-48976 | commons-fileupload-1.5.jar |
| CVE-2025-58057 | netty-codec-4.1.119.Final.jar |
| CVE-2025-67735 | netty-codec-http-4.1.119.Final.jar |
| CVE-2024-57699 | json-smart-2.5.1.jar |
| CVE-2024-6763 | jetty-server-11.0.24.jar |
| CVE-2025-58057 | netty-codec-http-4.1.119.Final.jar |
| CVE-2025-58056 | netty-codec-http-4.1.119.Final.jar |
| CVE-2025-5115 | http2-common-11.0.24.jar |
Base branch total remaining vulnerabilities: 11
Base branch commit: 79992965f7bfaa9b0cbc9ff914ef0a878277971c
Total libraries scanned: 36
Scan token: b0d5d0ba621a4db6b97888f7f27728d8
Loading