frontend-maven-plugin icon indicating copy to clipboard operation
frontend-maven-plugin copied to clipboard

Published 20 hours ago verified publisher icon eirslett

CVE-2024-25710

Open Janpopan opened this issue 1 year ago • 0 comments

Do you want to request a feature or report a bug? Bug

CVE-2024-25710 is reported commons-compress-1.21 is used as a 3rd party lib

If the current behavior is a bug, please provide the steps to reproduce. use an OWASP Check toll or take a look at https://nvd.nist.gov/vuln/detail/CVE-2024-25710

What is the expected behavior? update commons-compress to 1.26.0

Please mention your frontend-maven-plugin and operating system version. frontend-maven-plugin 1.15.0

btw there are some more not uptodate 3rd party libs

Janpopan avatar Feb 23 '24 07:02 Janpopan