[
https://issues.apache.org/jira/browse/ZOOKEEPER-4716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mate Szalay-Beko updated ZOOKEEPER-4716:
----------------------------------------
Description:
{code:java}
[INFO] Finished at: 2023-06-30T13:23:38+02:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:7.1.0:check
(default-cli) on project zookeeper:
[ERROR]
[ERROR] One or more dependencies were identified with vulnerabilities that have
a CVSS score greater than or equal to '0.0':
[ERROR]
[ERROR] jackson-core-2.13.4.jar: CVE-2022-45688(7.5)
[ERROR] jackson-databind-2.13.4.2.jar: CVE-2023-35116(7.5)
{code}
> Fix jackson related CVEs: CVE-2022-45688, CVE-2023-35116
> --------------------------------------------------------
>
> Key: ZOOKEEPER-4716
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4716
> Project: ZooKeeper
> Issue Type: Improvement
> Affects Versions: 3.8.1
> Reporter: Mate Szalay-Beko
> Assignee: Mate Szalay-Beko
> Priority: Major
>
> {code:java}
> [INFO] Finished at: 2023-06-30T13:23:38+02:00
> [INFO]
> ------------------------------------------------------------------------
> [ERROR] Failed to execute goal org.owasp:dependency-check-maven:7.1.0:check
> (default-cli) on project zookeeper:
> [ERROR]
> [ERROR] One or more dependencies were identified with vulnerabilities that
> have a CVSS score greater than or equal to '0.0':
> [ERROR]
> [ERROR] jackson-core-2.13.4.jar: CVE-2022-45688(7.5)
> [ERROR] jackson-databind-2.13.4.2.jar: CVE-2023-35116(7.5)
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
