Closed ndushay closed 7 years ago
There is a security vulnerability with commons-collections.jar 3.2.1; this code base seems to require it.unimi.dsi:dsiutils:jar:2.0.12 which in turn uses commons-collections:commons-collections:jar:3.2.1 which is vulnerable:
it.unimi.dsi:dsiutils:jar:2.0.12
commons-collections:commons-collections:jar:3.2.1
[INFO] --- maven-dependency-plugin:2.8:tree (default-cli) @ openwayback-cdx-server --- [INFO] org.netpreserve.openwayback:openwayback-cdx-server:war:2.0.0 [INFO] +- org.netpreserve.commons:webarchive-commons:jar:1.1.4:compile <snip> [INFO] | | +- commons-collections:commons-collections:jar:3.2.1:compile
There is a security vulnerability with commons-collections.jar 3.2.1; this code base seems to require
it.unimi.dsi:dsiutils:jar:2.0.12which in turn usescommons-collections:commons-collections:jar:3.2.1which is vulnerable: