High CVE-2026-21452 via msgpack dependency

The version of msgpack [used by this repo](https://github.com/ably/ably-java/blob/main/gradle/libs.versions.toml#L5) is 0.8.11. A denial-of-service vulnerability [CVE-2026-21452](https://www.cve.org/CVERecord?id=CVE-2026-21452) exists in versions prior to 0.9.11.

Can the version of msgpack be upgraded to 0.9.11 or later so that this vulnerability is fixed?

┆Issue is synchronized with this [Jira Task](https://ably.atlassian.net/browse/ECO-5681) by [Unito](https://www.unito.io)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

High CVE-2026-21452 via msgpack dependency #1187

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

High CVE-2026-21452 via msgpack dependency #1187

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions