Open ZacBranson opened 1 day ago
The project should have no CVEs, but there are two related to logback 1.2.12.
MVN Repository reports two CVEs for the current release. Specifically, CVE-2023-6481 CVE-2023-6378.
These are both related to the logback dependency. Currently, db-scheduler use logback 1.2.12. There is a patch release, 1.2.13, that addressed both CVEs.
I'd be happy to submit a PR for this if the suggestion is accepted.
Please do 👍😊
Expected Behavior
The project should have no CVEs, but there are two related to logback 1.2.12.
Current Behavior
MVN Repository reports two CVEs for the current release. Specifically, CVE-2023-6481 CVE-2023-6378.
These are both related to the logback dependency. Currently, db-scheduler use logback 1.2.12. There is a patch release, 1.2.13, that addressed both CVEs.
Context
Logs