Provide the list of vulnerable classes of grpc-netty-shaded 1.62.2 #12606

@Archana-toran

Following up on issue #4180, requesting clarification regarding CVE-2025-55163 and its impact on the spring-cloud-gcp-dependencies.

As mentioned in #4180, there are concerns about CVE-2025-55163 affecting certain components in the Spring Cloud GCP ecosystem. However, there seems to be some uncertainty about the actual impact and scope. Hence, we are requesting that you provide the necessary information below.

Vulnerable Library we used:
Library name: grpc-netty-shaded
Version: 1.62.2

Questions/Requests:

  1. Vulnerable Classes Identification:
     Could you please provide a detailed list of the exact classes that are vulnerable to [CVE-2025-55163](https://github.com/advisories/GHSA-prj3-ccx8-p6x4)?
     Which of these vulnerable classes are used by gRPC components in spring-cloud-gcp?
