janpaul1988 opened a new issue, #2719: URL: https://github.com/apache/karaf/issues/2719
Our vulnerability check tool is blocking all Apache Karaf artifacts (at least assembly) from the line 4.4.x (at least) https://www.cve.org/CVERecord?id=CVE-2025-25247 There is a critical CVE (9.8) from Apache Felix, affected from Version 4.x through 4.9.8 affected from Version 5.x through 5.0.8 Is it possible to fix this issue (backwards?) by upgrading the felix version? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
