Skip to content

Incrementing vulnerable core code package

Spencer Sutton requested to merge aws-blue-update into master

REASON FOR CORE CODE CHANGE:

The parent package rest-assured had a dependency on 0.1.0 apache sling which has a high known vulnerability. See here:

https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Aapache&cpe_product=cpe%3A%2F%3Aapache%3Asling&cpe_version=cpe%3A%2F%3Aapache%3Asling%3A0.1.0

Commits:

commit 471e8c47 Author: Spencer Sutton suttonsp@amazon.com Date: Thu May 27 2021 10:10:31 GMT-0500 (Central Daylight Time)

 "Excluding springs default security, locking down mvn central"
Edited by Spencer Sutton

Merge request reports

Loading