search

apache / incubator-datalab

Apache DataLab (incubating)
https://datalab.apache.org/
Apache License 2.0
153 stars 58 forks source link

There is a vulnerability in dropwizard 1.3.2,upgrade recommended #1037

Open QiAnXinCodeSafe opened 3 years ago

QiAnXinCodeSafe commented 3 years ago

https://github.com/apache/incubator-datalab/blob/423fa3a4404326aaac6aebc68b80a0f86dd775b4/pom.xml#L72

CVE-2020-5245 CVE-2020-11002

Recommended upgrade version:1.3.21

pjfanning commented 2 years ago

this is updated in master - https://github.com/apache/incubator-datalab/blob/master/services/billing-aws/pom.xml