[ https://issues.apache.org/jira/browse/TAMAYA-386?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16824522#comment-16824522 ]
Aaron Coburn commented on TAMAYA-386: ------------------------------------- I saw this issue with vertx, too. Currently, that example project isn't built at all, and if it were, there's a circular dependency issue because it relies on some org.apache.tamaya.ext packages (tamaya-injection and tamaya-injection-api). Maybe that example should be moved into the tamaya-extensions repository. > Fix CVE warnings in Tamaya-core: Vertx > -------------------------------------- > > Key: TAMAYA-386 > URL: https://issues.apache.org/jira/browse/TAMAYA-386 > Project: Tamaya > Issue Type: Improvement > Affects Versions: 0.4-incubating > Reporter: Philipp Ottlinger > Assignee: Philipp Ottlinger > Priority: Major > Fix For: 0.4-incubating > > > Fix current CVE-alerts in Tamaya-Core: > [https://github.com/apache/incubator-tamaya/network/alerts] > * (/) Vertx >=3.5.4 > ** [https://nvd.nist.gov/vuln/detail/CVE-2018-12537] > ** [https://nvd.nist.gov/vuln/detail/CVE-2018-12541] > * (x) Checkstyle >=8.18 - [https://nvd.nist.gov/vuln/detail/CVE-2019-9658] > ** Plain update does not work - see comment. -- This message was sent by Atlassian JIRA (v7.6.3#76005)