Closed github-actions[bot] closed 6 months ago
Title: Snyk: snowflake-ingest-java org.apache.commons:commons-compress 1.21 Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/0a0b0a8c-113f-4e60-98d3-357b27f5338d Repo: snowflake-ingest-java CVE: CVE-2024-25710 Package Type: java Package Name: org.apache.commons:commons-compress Package Version: 1.21 Snyk ID: SNYK-JAVA-ORGAPACHECOMMONS-6254296 Vulnerability URL: http://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-6254296 Severity: high Introduced Date: 2024-02-27 Projects with Vulnerability: snowflakedb/snowflake-ingest-java:e2e-jar-test/core/pom.xml Target File: e2e-jar-test/core/pom.xml JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-1180091
Resolved with https://github.com/snowflakedb/snowflake-ingest-java/pull/693
Title: Snyk: snowflake-ingest-java org.apache.commons:commons-compress 1.21 Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/0a0b0a8c-113f-4e60-98d3-357b27f5338d Repo: snowflake-ingest-java CVE: CVE-2024-25710 Package Type: java Package Name: org.apache.commons:commons-compress Package Version: 1.21 Snyk ID: SNYK-JAVA-ORGAPACHECOMMONS-6254296 Vulnerability URL: http://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-6254296 Severity: high Introduced Date: 2024-02-27 Projects with Vulnerability: snowflakedb/snowflake-ingest-java:e2e-jar-test/core/pom.xml Target File: e2e-jar-test/core/pom.xml JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-1180091