[DepShield] Usage of org.codehaus.groovy:groovy-all:2.1.5 results in vulnerability to [CVE-2015-3253] Improper Neutralization of Special Elements in Output Used by a Downstream Component ("Injection")
sonatype-depshield opened this issue · 2 comments
This application's usage of org.codehaus.groovy:groovy-all:2.1.5 causes a vulnerability to [CVE-2015-3253] Improper Neutralization of Special Elements in Output Used by a Downstream Component ("Injection") with a CVSS score of 9.8. Details about the vulnerability are available on the OSS Index page for [CVE-2015-3253] Improper Neutralization of Special Elements in Output Used by a Downstream Component ("Injection").
This is an automated GitHub Issue created by Sonatype DepShield. GitHub Apps, including DepShield, can be managed from the Developer settings of the repository administrators.
Thank you for being an early adopter of DepShield. In an effort provide a
more component-centric view of vulnerabilities we are consolidating your
issue(s), moving them to a new format, and closing this issue. You can
find the new issue here: #16