Closed aaron-kumar closed 2 years ago
There is no fixed version available from org.apache.commons:commons-dbcp2 for this vulnerability, hence closing this issue for now
Reopening as fix is now available : https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-559327
Fixed with commit # : aba6c93935cf1994a39002749b6bb43526c6fd26
Fixed vulnerability in Oxalis release v5.0.6
SAST tool reported low vulnerability for library : commons-dbcp2
network.oxalis:oxalis-outbound@5.0.1 ---org.apache.commons:commons-dbcp2@2.2.0
network.oxalis:oxalis-statistics@5.0.1 ---network.oxalis:oxalis-persistence@5.0.1 ------org.apache.commons:commons-dbcp2@2.2.0