Hello! We found a vulnerable dependency in your project. Are you aware of it?

Open HelloMavenEco opened this issue 1 year ago • 0 comments

Hi! We spotted a vulnerable dependency in your project, which might threaten your software. And we found that the vulnerable function of this CVE can be easily accessed from your software.

  • CVE_ID: CVE-2021-29425
  • Vulnerable dependency: commons-io:commons-io
  • Your invocation path to the vulnerable method:
de.uni_stuttgart.vis.vowl.owl2vowl.export.types.FileExporter:write(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:getFullPath(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:doGetFullPath(java.lang.String,boolean)
⬇️
org.apache.commons.io.FilenameUtils:getPrefixLength(java.lang.String)

Therefore, maybe you need to upgrade this dependency. Hope this can help you! 😄

HelloMavenEco, Aug 23 '22 05:08