theodo-fintech / spring-search

Provides advanced search capabilities to a JPA entity
MIT License
193 stars 44 forks

Security problem #39

Closed hr-ireh closed 3 years ago

hr-ireh commented 3 years ago

This is the result of the library v0.2.2 review based on OWASP. I am trying to solve it; do you have a solution? https://nvd.nist.gov

luc-boussant commented 3 years ago

Hello @hr-ireh, if you want to try and fix this problem on spring-search, it would be very nice to create an MR. Something you can do to check the vulnerabilities is to launch mvn verify after cloning the repository. It will output an HTML file which will include the vulnerable dependencies that need a bump :)

hr-ireh commented 3 years ago

Hello @luc-boussant, I used OWASP Dependency-Check in Jenkins. Thanks for the solutions :)