The indicated CVE-2025-24970 is coming from io.netty:netty-handler:4.1.101.Final --> com.azure:azure-core-http-netty:1.14.1.
When com.azure:azure-core-http-netty can be upgraded to version 1.15.10 or higher then this CVE is fixed.
I found this Dependabot security alert reported in one of my projects.
The indicated CVE-2025-24970 is coming from io.netty:netty-handler:4.1.101.Final --> com.azure:azure-core-http-netty:1.14.1.
When com.azure:azure-core-http-netty can be upgraded to version 1.15.10 or higher then this CVE is fixed.
I found this Dependabot security alert reported in one of my projects.