Security Updates - Package Bumps

I have some open CVEs from recent scan of dgraph 23.1.0.
I am on the github page, but don’t see any way to submit a security issue…

Is there anybody actively updating dgraph dependencies??

CVE: CVE-2020-15114
PackageName: etcd

CVE: CVE-2023-39325
PackageName: http2

CVE: CVE-2023-44487
PackageName: grpc


Hi @rgsurfs, I responded to your email yesterday requesting additional information. Please direct all security concerns to Thanks!