search

exasol / udf-debugging-java

Utilities for debugging, profiling and code coverage measure for UDFs.
MIT License
1 stars 1 forks source link

Fix vulnerabilities in org.apache.commons:commons-compress:jar:1.24.0:compile #63

Closed kaklakariada closed 6 months ago

kaklakariada commented 6 months ago 
 Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project udf-debugging-java: Detected 1 vulnerable components:
Error:    org.apache.commons:commons-compress:jar:1.24.0:compile; https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-compress@1.24.0?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2024-25710] CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') (8.1); https://ossindex.sonatype.org/vulnerability/CVE-2024-25710?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2024-26308] CWE-770: Allocation of Resources Without Limits or Throttling (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2024-26308?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1