[jira] [Updated] (JCRVLT-818) Vault CLI contains embedded vulnerable libraries

Konrad Windszus (Jira) Sun, 07 Sep 2025 07:05:23 -0700


     [ 
https://issues.apache.org/jira/browse/JCRVLT-818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Konrad Windszus updated JCRVLT-818:
-----------------------------------
    Description: 
* logback-classic 1.2.10: 
[CVE-2023-6378|https://logback.qos.ch/news.html#1.3.12]
 * jackrabbit 2.20.16: 
[CVE-2025-53689|https://www.cve.org/CVERecord?id=CVE-2025-53689]

  was:
* logback-classic 1.2.10 
[CVE-2023-6378](https://logback.qos.ch/news.html#1.3.12)
* jackrabbit 2.20.16 
[CVE-2025-53689](https://www.cve.org/CVERecord?id=CVE-2025-53689)


> Vault CLI contains embedded vulnerable libraries
> ------------------------------------------------
>
>                 Key: JCRVLT-818
>                 URL: https://issues.apache.org/jira/browse/JCRVLT-818
>             Project: Jackrabbit FileVault
>          Issue Type: Improvement
>    Affects Versions: 4.0.0
>            Reporter: Konrad Windszus
>            Priority: Major
>             Fix For: 4.0.2
>
>
> * logback-classic 1.2.10: 
> [CVE-2023-6378|https://logback.qos.ch/news.html#1.3.12]
>  * jackrabbit 2.20.16: 
> [CVE-2025-53689|https://www.cve.org/CVERecord?id=CVE-2025-53689]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (JCRVLT-818) Vault CLI contains embedded vulnerable libraries

Reply via email to