Hi Swathi, In this case the PR reviews happened on a private repo because the CVE wasn't public at that time. On the 3.3 branches you can look at/cherry-pick commits 015d7aede6cbd350d56d75006930dd2bf89a4a5a and b2b928338c7226b41a73786df27a2127eaa32ab2.
Kind regards, Tom On Mon, 26 Sept 2022 at 15:19, Swathi Mocharla <swathi.mocha...@gmail.com> wrote: > Hi, > CVE: https://nvd.nist.gov/vuln/detail/CVE-2022-34917 > Could you please help with the PR that fixed this vulnerability? We are > looking to apply the patch that fixes this and we are unable to find it. > Thanks, > Swathi >
