Fix CVE-2023-42503 in `org.apache.commons:commons-compress`

Question

Fix CVE-2023-42503 in `org.apache.commons:commons-compress`

kaklakariada opened this issue a year ago · 0 comments

Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project bucketfs-java: Detected 1 vulnerable components:
Error:    org.apache.commons:commons-compress:jar:1.22:test; https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-compress@1.22?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2023-42503] CWE-20: Improper Input Validation (5.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-42503?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1