Closed kaklakariada closed 6 months ago
Error: Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project spark-connector-jdbc_2.13: Detected 2 vulnerable components: Error: org.apache.commons:commons-compress:jar:1.24.0:compile; https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-compress@1.24.0?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: * [CVE-2024-25710] CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') (8.1); https://ossindex.sonatype.org/vulnerability/CVE-2024-25710?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: * [CVE-2024-26308] CWE-770: Allocation of Resources Without Limits or Throttling (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2024-26308?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: com.nimbusds:nimbus-jose-jwt:jar:9.8.1:provided; https://ossindex.sonatype.org/component/pkg:maven/com.nimbusds/nimbus-jose-jwt@9.8.1?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1 Error: * [CVE-2023-52428] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-52428?component-type=maven&component-name=com.nimbusds%2Fnimbus-jose-jwt&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1