Closed Zzm0809 closed 1 week ago
jmx_prometheus_javaagent 0.16.1 CVE: CVE-2022-25857, CVE-2022-38752, CVE-2022-1471 See details in https://github.com/prometheus/jmx_exporter/releases
snakeyaml 1.33 CVE: CVE-2022-1471 See detail in https://bitbucket.org/snakeyaml/snakeyaml/wiki/Changes Related issues: https://github.com/StevenBuglione/spring-boot-2-snakeyaml2-upgrade https://github.com/Tencent/spring-cloud-tencent/issues/982 支持或者兼容 Snakeyaml 2.0 https://blog.csdn.net/LJQClqjc/article/details/128388601 漏洞深度分析|CVE-2022-1471 SnakeYaml 命令执行漏洞 https://blog.csdn.net/weixin_44981472/article/details/131943181 nakeyaml升级2.0版本遇见的坑,解决办法
guava 31.1-jre CVE: CVE-2023-2976, CVE-2020-8908 See details in https://github.com/google/guava/releases
Hello @, this issue has not been active for more than 30 days. This issue will be closed in 7 days if there is no response. If you have any questions, you can comment and reply.
你好 @, 这个 issue 30 天内没有活跃,7 天后将关闭,如需回复,可以评论回复。
Search before asking
Description
Vulnerabilities in dependencies need to be improved all pom.xml
Use case
No response
Related issues
No response
Are you willing to submit a PR?
Code of Conduct