Closed thomaslorentsen closed 1 year ago
Hello there, we are using the Artifactory plugin which is dependent on this plugin.
Currently only version 2.4 of this plugin is available on Maven but we require a new release of this plugin to fix CVE-2022-37865.
2.4
This CVE is marked as a critical which prevents us from using the Artifactory plugin on our Jenkins Cluster.
Once this is fixed I can raise a PR to update the downstream dependencies on these lines:
Thank you for your attention to this matter
The original fix was made on PR-55.
What feature do you want to see added?
Hello there, we are using the Artifactory plugin which is dependent on this plugin.
Currently only version
2.4
of this plugin is available on Maven but we require a new release of this plugin to fix CVE-2022-37865.This CVE is marked as a critical which prevents us from using the Artifactory plugin on our Jenkins Cluster.
Once this is fixed I can raise a PR to update the downstream dependencies on these lines:
Thank you for your attention to this matter
Upstream changes
The original fix was made on PR-55.