Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-10284

Dependency check fails on CVE-2015-2944 for Sling Resource Merger 1.4.0

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: Resource Merger 1.4.0
    • Fix Version/s: None
    • Component/s: ResourceResolver
    • Labels:
      None

      Description

      Failed to execute goal org.owasp:dependency-check-maven:5.3.0:check (check-dependencies-for-vulnerabilities) on project dependencies:

      One or more dependencies were identified with vulnerabilities:

      org.apache.sling.resourcemerger-1.4.0.jar: CVE-2015-2944

      See the dependency-check report for more details.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              Henry Kuijpers Henry Kuijpers
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: