Edit the parent pom.xml so that bouncycastle is at 1.75.
Tilman On 06.07.2023 18:01, vijaya Panchak wrote:
[*INFO*] *------------------------------------------------------------------------*[*ERROR*] Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit*(audit-dependencies)* on project tika-parser-digest-commons: *Detected 1 vulnerable components:*[*ERROR*] *org.bouncycastle:bcprov-jdk18on:jar:1.73:compile; https://ossindex.sonatype.org/component/pkg:maven/org.bouncycastle/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 <https://ossindex.sonatype.org/component/pkg:maven/org.bouncycastle/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1>*[*ERROR*] ** [CVE-2023-33201] CWE-200: Information Exposure (6.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-33201?component-type=maven&component-name=org.bouncycastle%2Fbcprov-jdk18on&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 <https://ossindex.sonatype.org/vulnerability/CVE-2023-33201?component-type=maven&component-name=org.bouncycastle%2Fbcprov-jdk18on&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1>*[*ERROR*] [*ERROR*] -> *[Help 1]**org.apache.maven.lifecycle.LifecycleExecutionException*: *Failed to execute goal **org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit**(audit-dependencies)* on project tika-parser-digest-commons: *Detected 1 vulnerable components:**org.bouncycastle:bcprov-jdk18on:jar:1.73:compile; https://ossindex.sonatype.org/component/pkg:maven/org.bouncycastle/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 <https://ossindex.sonatype.org/component/pkg:maven/org.bouncycastle/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1>*** [CVE-2023-33201] CWE-200: Information Exposure (6.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-33201?component-type=maven&component-name=org.bouncycastle%2Fbcprov-jdk18on&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 <https://ossindex.sonatype.org/vulnerability/CVE-2023-33201?component-type=maven&component-name=org.bouncycastle%2Fbcprov-jdk18on&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1>*
