
Upgrade commons-validator library (to get latest commons-beanutils) to fix twistlock issue findings

Open joseroque96 opened this issue 2 years ago • 1 comments

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

Path to vulnerable library: /home/wss-scanner/.ivy2/cache/commons-beanutils/commons-beanutils/jars/commons-beanutils-1.9.2.jar

Dependency Hierarchy:

- stocator-1.1.5.jar (Root Library)
  - commons-validator-1.6.jar
    - ❌ commons-beanutils-1.9.2.jar (Vulnerable Library)

Found in HEAD commit: 346070213bf476fc63ca8b5d9d7909d4310f32ad

Found in base branch: main

Currently "commons-validator" "1.8.0" is free of vulnerabilities.

joseroque96, Dec 18 '23 17:12

@shivangi24 - can you have a check

mrmadira, Dec 19 '23 09:12