Vulnerabilities CVE-2024-7254 and CVE-2025-55163

Hello,

While analyzing dependencies in IntelliJ IDEA, I identified the following vulnerabilities in version 1.16.1:
- **[CVE-2024-7254](https://www.mend.io/vulnerability-database/CVE-2024-7254)** in `com.google.protobuf:protobuf-java:3.25.3`,
- **[CVE-2025-55163](https://www.mend.io/vulnerability-database/CVE-2025-55163)** in `io.grpc:grpc-netty-shaded:1.68.2`.

Could these dependencies be bumped to their latest secure versions in the next release?

Thank you for considering this.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Vulnerabilities CVE-2024-7254 and CVE-2025-55163 #98

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Vulnerabilities CVE-2024-7254 and CVE-2025-55163 #98

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions