2 new Critical Vulnerabilities found
pierre-on-de opened this issue · 0 comments
pierre-on-de commented
Within your code, you will reference to org.apache.commons/commons-compress in Version 1.21.
For this version two critical CVE's are listed:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26308
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25710
Please could you update your sources, using a newer version of commons-compress, >= 1.26.0, where this issue is fixed?
