Open jpcmonster opened 2 years ago
Package URl pkg:maven/org.apache.wink/wink-server@1.1.2-incubating
CPE cpe:2.3:a:apache:wink:1.1.2::::::: cpe:2.3:a:wink:wink:1.1.2:::::::
CVE https://nvd.nist.gov/vuln/detail/CVE-2017-5249
ODC Integration {"label"=>"Gradle Plugin"}
ODC Version 7.0.4
Description CVE-2017-5249 is incorrectly reported for org.apache.wink:wink-server:1.1.2-incubating; this CVE appears to be associated with a different android Wink (no mention of apache) https://www.rapid7.com/blog/post/2017/09/22/multiple-vulnerabilities-in-wink-and-insteon-smart-home-systems/ It does not appear that other sources report direct vulnerabilities in apache wink 1.1.2: https://mvnrepository.com/artifact/org.apache.wink/wink-server/1.1.2-incubating https://snyk.io/vuln/maven:org.apache.wink:wink-server
@jeremylong very sorry if I filed this incorrectly - did I overlook a doc on FP filing? just checking, sorry to bother.
Package URl pkg:maven/org.apache.wink/wink-server@1.1.2-incubating
CPE cpe:2.3:a:apache:wink:1.1.2::::::: cpe:2.3:a:wink:wink:1.1.2:::::::
CVE https://nvd.nist.gov/vuln/detail/CVE-2017-5249
ODC Integration {"label"=>"Gradle Plugin"}
ODC Version 7.0.4
Description CVE-2017-5249 is incorrectly reported for org.apache.wink:wink-server:1.1.2-incubating; this CVE appears to be associated with a different android Wink (no mention of apache) https://www.rapid7.com/blog/post/2017/09/22/multiple-vulnerabilities-in-wink-and-insteon-smart-home-systems/ It does not appear that other sources report direct vulnerabilities in apache wink 1.1.2: https://mvnrepository.com/artifact/org.apache.wink/wink-server/1.1.2-incubating https://snyk.io/vuln/maven:org.apache.wink:wink-server