Skip to content

CVE-2025-55163 MadeYouReset HTTP/2 DDoS vulnerability #13753

New issue
New issue
Closed
Closed
CVE-2025-55163 MadeYouReset HTTP/2 DDoS vulnerability#13753
Labels
dependenciesPull requests that update a dependency file
@Melod-YI

Description

@Melod-YI
Melod-YI
opened on Aug 30, 2025

grpc-java因为依赖Netty,也会受CVE-2025-55163影响。
grpc社区已在最新的v1.75.0版本升级了Netty版本以修复该漏洞。 https://github.com/grpc/grpc-java/releases/tag/v1.75.0

请社区评估是否需要升级对应版本。

Metadata

Metadata

Assignees

No one assigned

    Labels

    dependenciesPull requests that update a dependency file

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions