Closed kaklakariada closed 1 year ago
Error: Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project dynamodb-virtual-schema: Detected 2 vulnerable components: Error: io.netty:netty-handler:jar:4.1.94.Final:runtime; https://ossindex.sonatype.org/component/pkg:maven/io.netty/netty-handler@4.1.94.Final?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: * [CVE-2023-4586] CWE-300: Channel Accessible by Non-Endpoint ('Man-in-the-Middle') (6.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-4586?component-type=maven&component-name=io.netty%2Fnetty-handler&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: org.apache.commons:commons-compress:jar:1.23.0:test; https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-compress@1.23.0?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: * [CVE-2023-42503] CWE-20: Improper Input Validation (5.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-42503?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1