Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Provides transitive vulnerable dependency maven:org.apache.commons:commons-text:1.9 #148

Closed
1 task done
liming1010 opened this issue Nov 30, 2023 · 1 comment
Closed
1 task done

[Bug] Provides transitive vulnerable dependency maven:org.apache.commons:commons-text:1.9 #148

liming1010 opened this issue Nov 30, 2023 · 1 comment
Labels
bug Something isn't working

Comments

@liming1010
Copy link

Bug Type (问题类型)

None

Before submit

Environment (环境信息)

server 1.0
client 1.0

maven:
```

org.apache.hugegraph
hugegraph-client
1.0.0



### Expected & Actual behavior (期望与实际表现)

maven提示:

Provides transitive vulnerable dependency maven:org.apache.commons:commons-text:1.9
CVE-2022-42889 9.8 Improper Control of Generation of Code ('Code Injection') vulnerability


这是一个漏洞信息

### Vertex/Edge example (问题点 / 边数据举例)

_No response_

### Schema [VertexLabel, EdgeLabel, IndexLabel] (元数据结构)

_No response_
@liming1010 liming1010 added the bug Something isn't working label Nov 30, 2023
@imbajin
Copy link
Contributor

imbajin commented Nov 30, 2023

duplicate with apache/incubator-hugegraph-toolchain#541

@imbajin imbajin closed this as completed Nov 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@liming1010 @imbajin