https://bugzilla.redhat.com/show_bug.cgi?id=1816216
Yadnyawalk Tale <ytale(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Comment|27 |updated
--- Comment #27 has been edited ---
Statement:
In OpenShift Container Platform end users don't have direct access to send
requests to ElasticSearch. A user could need access to the ElasticSearch
service on the internal cluster network in order to be able to send malicious
requests to it.
Red Hat Satellite 6.7 and earlier ship affected version of netty and its
dependency, however, there is no external connection being exposed and it is
used by only Artemis to open an internal connection within the JVM. Since netty
does not come into contact with untrusted data, vulnerability is not exposed in
product code. We may update the netty and its dependency in a future release.
--
You are receiving this mail because:
You are on the CC list for the bug.