search

secure-software-engineering / FlowDroid

FlowDroid Static Data Flow Tracker
GNU Lesser General Public License v2.1
1.02k stars 292 forks source link

Does CVE-2015-3156 and CVE-2021-32754 has an effect on soot-infoflow 2.10.0 #637

Open zhchhawks opened 10 months ago

zhchhawks commented 10 months ago

Does CVE-2015-3156 and CVE-2021-32754 has an effect on soot-infoflow 2.10.0?

StevenArzt commented 10 months ago

FlowDroid does not use Trove backends for MySQL, Cassandra, etc.

zhchhawks commented 10 months ago

FlowDroid does not use Trove backends for MySQL, Cassandra, etc.

i saw the dependency in the pom,do you mean it has no effect for soot? `

net.sf.trove4j 
        <artifactId>trove4j</artifactId>
        <version>3.0.3</version>
    </dependency>

` by the way , what about CVE-2021-32754? thank you