ISSUE-358: There is a vulnerability in Spring Boot 2.0.2.RELEASE,upgrade recommended

streamnative / pulsar-manager

A tool for managing Apache Pulsar.

Apache License 2.0

12 stars 3 forks source link

ISSUE-358: There is a vulnerability in Spring Boot 2.0.2.RELEASE,upgrade recommended #180

Open sijie opened 3 years ago

sijie commented 3 years ago

Original Issue: apache/pulsar-manager#358

https://github.com/apache/pulsar-manager/blob/d15a0f1e45a3fe9821df51361584dce87e104948/build.gradle#L17

CVE-2020-5421

Recommended upgrade version： 2.1.17.RELEASE

compuguy commented 1 year ago

This is still an issue with pulsar-manager, including the latest upstream release. Looks like it's because of use of a EOL library Spring Cloud Netflix Zuul. Spring Cloud Gateway is the currently supported alternative... https://github.com/spring-cloud/spring-cloud-netflix/issues/4158