Uploaded image for project: 'Isis'
  1. Isis
  2. ISIS-2300

Some CVEs in dependencies are threatening your project!

    XMLWordPrintableJSON

    Details

    • Type: Dependency upgrade
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.0.0-M3
    • Component/s: None
    • Labels:
      None

      Description

      Hi, I noticed that your project are using vulnerable libraries which are related to some CVEs. To prevent potential risk it may cause, I suggest a library update. Please look into the details below.

      Vulnerable Library Version: org.springframework : spring-web : 5.2.2.RELEASE
      CVE ID: [CVE-2020-5397](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5397), [CVE-2020-5398](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5398)
      Import Path: core/webapp/pom.xml, viewers/wicket/viewer/pom.xml
      Suggested Safe Versions: 5.2.3.RELEASE

      Vulnerable Library Version: org.apache.commons : commons-email : 1.4
      CVE ID: [CVE-2018-1294](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1294), [CVE-2017-9801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9801)
      Import Path: core/runtime/pom.xml
      Suggested Safe Versions: 1.5

        Attachments

          Activity

            People

            • Assignee:
              hobrom Andi Huber
              Reporter:
              XuCY XuCongying
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: