Skip to content

Upgrade Protobuf Version to fix CVE-2024-7254 #481

New issue
New issue
Open
#482
Open
Upgrade Protobuf Version to fix CVE-2024-7254#481
#482
@tarun-google

Description

@tarun-google
tarun-google
opened on Feb 3, 2026

We are planning to use EnvoyRateLimiter in Apache Beam Java SDK. But there is a vulnerability with high severity. Can we upgrade the Protobuf version to resolve this. I can create a fix and raise PR

Design: https://s.apache.org/beam-api-ratelimiter

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions