davhaus commented on issue #1997:
URL: https://github.com/apache/activemq/issues/1997#issuecomment-4792183715

   Does applicability of a given CVE matter? jasypt is EOL as of last fall with 
the last release published 6 years ago. That alone is a critical finding in 
some settings and can only be addressed by outright replacement.
   
   https://github.com/jasypt/jasypt:
   
   <img width="676" height="52" alt="Image" 
src="https://github.com/user-attachments/assets/68d19ab3-469c-438e-97d3-422163847f6e";
 />
   ...
   
   <img width="1050" height="193" alt="Image" 
src="https://github.com/user-attachments/assets/27fea431-a7a7-4e3f-84bf-d01050601e34";
 />


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact


Reply via email to