Various CVE are reported: CVE-2024-7254, sonatype-2024-0639 #352

yeikel · 2024-10-01T14:39:48Z

Hi team,

I tried to pull this dependency but the following CVEs are reported that prevent me from doing so:

CVE-2024-7254
sonatype-2024-0639

Could you please fix this?

yeikel · 2024-10-09T11:21:46Z

It seems that the latest release fixed many of the vulnerabilities. Now only the following are pending

9	Security-High	High risk CVSS score	Found security vulnerability CVE-2024-7254 with severity >= 7 (severity = 8.7)Found security vulnerability CVE-2024-7254 with severity < 9 (severity = 8.7)
9	Security-High	High risk CVSS score	Found security vulnerability sonatype-2024-0639 with severity >= 7 (severity = 7.5)Found security vulnerability sonatype-2024-0639 with severity < 9 (severity = 7.5)

yeikel changed the title ~~Fix CVE-2023-2976~~ Fix CVE-2023-2976, CVE-2023-34453, CVE-2023-34454, CVE-2023-34455 , CVE-2024-7254, sonatype-2024-0639 Oct 2, 2024

yeikel changed the title ~~Fix CVE-2023-2976, CVE-2023-34453, CVE-2023-34454, CVE-2023-34455 , CVE-2024-7254, sonatype-2024-0639~~ Various CVE are reported: CVE-2023-2976, CVE-2023-34453, CVE-2023-34454, CVE-2023-34455 , CVE-2024-7254, sonatype-2024-0639 Oct 2, 2024

yeikel changed the title ~~Various CVE are reported: CVE-2023-2976, CVE-2023-34453, CVE-2023-34454, CVE-2023-34455 , CVE-2024-7254, sonatype-2024-0639~~ Various CVE are reported: CVE-2024-7254, sonatype-2024-0639 Oct 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Various CVE are reported: CVE-2024-7254, sonatype-2024-0639 #352

Various CVE are reported: CVE-2024-7254, sonatype-2024-0639 #352

yeikel commented Oct 1, 2024 •

edited

Loading

yeikel commented Oct 9, 2024

Various CVE are reported: CVE-2024-7254, sonatype-2024-0639 #352

Various CVE are reported: CVE-2024-7254, sonatype-2024-0639 #352

Comments

yeikel commented Oct 1, 2024 • edited Loading

yeikel commented Oct 9, 2024

yeikel commented Oct 1, 2024 •

edited

Loading