exasol/s3-document-files-virtual-schema

Dependency upgrade

ckunki opened this issue a year ago · 0 comments

ckunki commented a year ago

See log messages from build job Dependency Check:

io.netty:netty-handler:jar:4.1.86.Final in runtime
- CVE-2023-34462, severity CWE-770: Allocation of Resources Without Limits or Throttling (6.5)
org.xerial.snappy:snappy-java:jar:1.1.8.3 in compile
- CVE-2023-34453, severity CWE-190: Integer Overflow or Wraparound (7.5)
- CVE-2023-34454, severity CWE-190: Integer Overflow or Wraparound (7.5)
- CVE-2023-34455, severity CWE-770: Allocation of Resources Without Limits or Throttling (7.5)

Excluded vulnerabilities:

[CVE-2020-36641] CWE-611: Improper Restriction of XML External Entity Reference ('XXE') (9.8); https://ossindex.sonatype.org/vulnerability/CVE-2020-36641?component-type=maven&component-name=fr.turri%2FaXMLRPC&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1