https://bugzilla.redhat.com/show_bug.cgi?id=1944888
--- Comment #2 from Yadnyawalk Tale ytale@redhat.com --- Statement:
Red Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.