Uploaded image for project: 'Camel'
  1. Camel
  2. CAMEL-13169

c3p0 dependent version (0.9.5.2) has a security vulnerability (CVE-2018-20433)

    XMLWordPrintableJSON

    Details

    • Estimated Complexity:
      Unknown

      Description

      camel-quartz2 latest version (2.23.1) has a dependency on c3p0 version 0.9.5.2 and that version has a security vulnerability (CVE-2018-20433)
      source: https://nvd.nist.gov/vuln/detail/CVE-2018-20433

      The issue seems to be resolved by updating the dependency of c3p0 to 0.9.5.3. Please, update the camel-quartz2 to use newest version of c3p0 (0.9.5.3 at the time of writing this).

        Attachments

          Activity

            People

            • Assignee:
              acosentino Andrea Cosentino
              Reporter:
              aciokler Abraham Ciokler
            • Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: