OWL2VOWL
OWL2VOWL copied to clipboard
Hello! We found a vulnerable dependency in your project. Are you aware of it?
Hi! We spot a vulnerable dependency in your project, which might threaten your software. And we found that the vulnerable function of this CVE can be easily accessed from your software.
- CVE_ID: CVE-2021-29425
- Vulnerable dependency: commons-io:commons-io
- Your invocation path to the vulnerable method:
de.uni_stuttgart.vis.vowl.owl2vowl.export.types.FileExporter:write(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:getFullPath(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:doGetFullPath(java.lang.String,boolean)
⬇️
org.apache.commons.io.FilenameUtils:getPrefixLength(java.lang.String)
Therefore, maybe you need to upgrade this dependency. Hope this can help you! 😄