That CVE is invalid, please see
https://nvd.nist.gov/vuln/detail/CVE-2022-40160

You should rely on official CVE databases like nist.gov.

Gary



On Fri, Jun 30, 2023, 09:04 Debraj Manna <subharaj.ma...@gmail.com> wrote:

> commons-jxpath 1.3 is also getting flagged for CVE-2022-401
> <https://security.snyk.io/vuln/SNYK-JAVA-COMMONSJXPATH-3040994>59.
>
> On Fri, Jun 30, 2023 at 6:28 PM Debraj Manna <subharaj.ma...@gmail.com>
> wrote:
>
> > Hi
> >
> > We have been flagged for CVE-2022-401600
> > <https://security.snyk.io/vuln/SNYK-JAVA-COMMONSJXPATH-3040995> on
> > commons-jxpath, version 1.3.
> >
> > Can someone let me know commons-jxpath is really affected by this
> > vulnerability? If yes, is there any plan to fix this?
> >
>

Reply via email to