-
**Describe the bug**
Hi, I just included the version `1.3.0-alpha.2` skrape.it into my project, and IntelliJ reports that the package depends on vulnerable versions of quite a few libraries. When I t…
-
## CVE-2022-42920 - Critical Severity Vulnerability
Vulnerable Library - bcel-6.5.0.jar
Apache Commons Bytecode Engineering Library
Library home page: https://commons.apache.org/proper/commons-bcel
…
-
when I set :
```
database.type=mysql
mysql.port=3306
mysql.host=localhost
mysql.database=azkaban
mysql.user=azkaban
mysql.password=
mysql.numconnections=100
```
I got this:
```
org.apache.commons.d…
-
I was having the problem to run jmxtrans as a Windows service. I tried implementing it with apache procrun. Sadly procrun expects the start/stop methods to be static void and have the argument (String…
-
Hi,
We have incorporated this into our larger code and when it hits a certain type of file it will completely crash out and then cause our code to trip over.
I have managed to make up some dummy d…
-
After Paris, a medium-term need to detect and possible dependencies on GPL elements @anjackson
-
Originally raised in https://github.com/spring-projects/spring-boot/issues/42929 by @milazzo-g. This looks like a problem introduced by #33712, but I'm not sure if the fix should be in framework or th…
-
A first step would be to check the vulnerabilities that present `Apache` in their CPE as vendor. We can then construct a purl by taking `org.apache` + Product + `:` + Product, e.g. `org.apache.tomcat:…
-
Following the getting started instructions, `./mvnw clean verify -Pintegration-test` results in:
```
[INFO] ------------------------------------------------------------------------
[INFO] Reactor…
-
It's being inherited from `log4j-bom`. In 3.2.x (Log4j 2.21), it's contributing management for the following dependencies:
- `biz.aQute.bnd:biz.aQute.bnd.annotation:6.4.1`
- `com.github.spotbugs:s…