Snyk: libsnowflakeclient org.apache.velocity:velocity 1.7 | Snyk ID - SNYK-JAVA-ORGAPACHEVELOCITY-3116414

Question

Closed this issue 8 months ago · 1 comments

Title: Snyk: libsnowflakeclient org.apache.velocity:velocity 1.7
Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/2c3699a7-7835-40f3-b3d9-5c315754e1f6
Repo: libsnowflakeclient
CVE: CVE-2020-13936
Package Type: java
Package Name: org.apache.velocity:velocity
Package Version: 1.7
Snyk ID: SNYK-JAVA-ORGAPACHEVELOCITY-3116414
Vulnerability URL: http://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEVELOCITY-3116414
Severity: high
Introduced Date: 2023-06-30
Projects with Vulnerability: snowflakedb/libsnowflakeclient:deps/aws-sdk-cpp-1.3.50/code-generation/generator/pom.xml
Target File: deps/aws-sdk-cpp-1.3.50/code-generation/generator/pom.xml
JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-949039

Answer 1 · 2023-11-22T23:12:24.000Z

fixed in 1.0.1 #523