cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PHP agent linux agent vulnerabilities with library

Ryan.Mansfield
New Poster

The latest version of the linux x64 php-agent (21.7.0.4560) is packaged with some out of date components: netty (4.1.38).
Currently this has some CVEs logged against it:

CVE-2019-20445

CVE-2019-20444

 

RyanMansfield_0-1629734594781.png

under the path: /proxy/lib/tp/grpc-netty-shaded-1.24.0.jar

Anyone know if this is something that can be patched, or if there is an intention to include a more up-to-date version in a future build?

2 REPLIES 2

Ryan.Paredez
Community Manager

Hi @Ryan.Mansfield,

 

Thanks for reporting this. Let me share this with the right people and I'll report back!


Thanks,
Ryan, AppDynamics Community Manager



Found something helpful? Click the Accept as Solution button to help others find answers faster.
Liked something? Click the Thumbs Up button.

Hello @Ryan.Mansfield,

 

We are actively working on fixing the vulnerability.

 

Regards,

Manasa H G