Vulnerability Reported: io.netty:netty-codec-http
CVE: CVE-2024-29025
Current Version: 4.1.107.Final
Fixed Version: 4.1.108
Server: Data Aggregator
Location:$DA_HOME/IMDataAggregator/maven_repository/io/netty/netty-codec-http/4.1.107.Final/netty-codec-http-4.1.107.Final.jar
All supported DX NetOps Performance Management Data Aggregator releases 23.3.9 and older.
The Data Aggregator will be upgraded to the 4.1.108.Final release at a minimum starting with DX NetOps release 23.3.10.
Upgrade to 23.3.10 or newer releases to resolve this.
This is being tracked in engineering through Feature ID F145844. If additional information is needed open a new Support case referencing this KB article for additional information.