Closed morazow closed 1 year ago
Nightly dependency check is failing with the following findings:
Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project cloud-storage-extension: Detected 1 vulnerable components: Error: org.wildfly.openssl:wildfly-openssl:jar:1.0.7.Final:compile; https://ossindex.sonatype.org/component/pkg:maven/org.wildfly.openssl/wildfly-openssl@1.0.7.Final?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: * [CVE-2019-14887] CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') (9.1); https://ossindex.sonatype.org/vulnerability/CVE-2019-14887?component-type=maven&component-name=org.wildfly.openssl%2Fwildfly-openssl&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Situation
Nightly dependency check is failing with the following findings:
Acceptance Criteria