JetS3t (pronounced "jet-set") is a free, open-source Java toolkit and application suite for Amazon Simple Storage Service (Amazon S3), Amazon CloudFront content delivery network, and Google Storage for Developers.
Apache License 2.0
26
stars
12
forks
source link
Multiple security issues from Transitive Dependencies #15
Per the mvnrepository report on the latest release 0.9.7 (thank you btw!) there are a number of open CVEs. All of these seem to come from transitive dependencies from Apache Commons projects, not jets3t itself
Per the mvnrepository report on the latest release 0.9.7 (thank you btw!) there are a number of open CVEs. All of these seem to come from transitive dependencies from Apache Commons projects, not jets3t itself
https://mvnrepository.com/artifact/org.jets3t/jets3t/0.9.7
Suggested fixes from above link:
com.fasterxml.jackson.core » jackson-databind => 2.9.7 upgrade to 2.13.1 org.apache.httpcomponents » httpclient => 4.5.9 upgrade to 4.5.13 org.bouncycastle » bcprov-jdk15on => 1.62 upgrade to 1.70