There is a critical (9.8) severity vulnerability in the latest stable release of wunderboss-core.
CVE-2017-5929 (9.8 Critical) - link
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
This vulnerability is affecting logback-core 1.1.3, which is a transitive dependency from logback-classic 1.1.3.
Expected Behavior
I propose upgrading logback-classic to 1.2.3 and publish a stable release as soon as possible.
Actual Behavior
The vulnerabilities are affecting the latest stable release 0.5.3.
Description
There is a critical (9.8) severity vulnerability in the latest stable release of wunderboss-core.
Expected Behavior
I propose upgrading logback-classic to 1.2.3 and publish a stable release as soon as possible.
Actual Behavior
The vulnerabilities are affecting the latest stable release 0.5.3.
WunderBoss version
0.13.1