Hi!
during our dependency check the following came along:
One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '9,0':
haplogrep-3.2.1.jar: itextpdf-5.1.2.jar: CVE-2022-37109(9.8)
Is it possible to fix this CVE problem?
I'm also not sure which dependency uses itextpdf in haplogrep. But perhaps it is possible to upgrade the specific dependency?
Hi! during our dependency check the following came along:
One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '9,0': haplogrep-3.2.1.jar: itextpdf-5.1.2.jar: CVE-2022-37109(9.8)
Is it possible to fix this CVE problem? I'm also not sure which dependency uses itextpdf in haplogrep. But perhaps it is possible to upgrade the specific dependency?
With kind regards, Jennifer