grpc-netty-shaded-1.71.0.jar reported vulnerablity query

[riteshopranjan]

One of our vulnerablity scan tool reported vulnerablities on the grpc-netty-shaded-1.71.0.jar for the dll used in this library - io_grpc_netty_shaded_netty_tcnative_windows_x86_64.dll.

CVE-2022-28331
CVE-2017-12613
CVE-2023-49582

The latest grpc-netty-shaded-1.73.0.jar seems to have same vulnerablities.
Are there any plan for fixing this? When can we expect a fix for the same?

[kannanjgithub]

Dependency on APR has long since been removed so grpc-netty-shaded isn't vulnerable to any of the 3 mentioned as they all relate to APR. See also issue 9679 answering this.