[MNG-6312] Update Maven Wagon dependency - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Dependency upgrade
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.5.0
Fix Version/s: 3.5.3
Component/s: None
Labels:
None

Description

Based on OWASP report - update Maven Wagon from 2.12 to 3.0.0 to fix known vulnerability in shaded jsoup

wagon-http-2.12-shaded.jar\META-INF/maven/org.jsoup/jsoup/pom.xml (cpe:/a:jsoup:jsoup:1.7.2, org.jsoup:jsoup:1.7.2) : CVE-2015-6748

Attachments

Activity

People

Assignee:: Karl Heinz Marbaise

Reporter:: Sylwester Lachiewicz

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 24/Nov/17 18:27

Updated:: 28/Mar/20 15:01

Resolved:: 18/Jan/18 18:56