amtadev

Results 8 comments of amtadev

[Vulnerability] spring-webmvc 5.3.1 in docker image openvsx-server (CVE-2022-22965)

![image](https://user-images.githubusercontent.com/71411093/173052040-4044641e-01d5-4316-8bd9-d106bdae9bac.png)

[Vulnerability] log4j-core 2.13.3 in docker image openvsx-server (CVE-2021-45046)

![image](https://user-images.githubusercontent.com/71411093/173051906-fb354e8b-cf18-48a0-8fcc-f2e24b3738c2.png)

[Vulnerability] log4j-core 2.13.3 in docker image openvsx-server (CVE-2021-45046)

updating [spdx-tools](https://github.com/spdx/tools/releases) to version 2.2.7 should mitigate this issue. It uses log4j 2.17.0.

Fix OpenVSX vulnerabilities

Yes they are. thank you

Fix OpenVSX vulnerabilities

@amvanbaren when do you reckon this PR will be ready to be merged and changes deployed as a docker image? thanks

Fix OpenVSX vulnerabilities

@amvanbaren any idea when will this PR be merged and deployed? thanks

Fix OpenVSX vulnerabilities

@amvanbaren Hi, when do you think this PR will be merged?

[Vulnerability] debian libfreetype6 2.9.1 in docker image openvsx-server (CVE-2020-15999)

freetype is a font rendering engine library which is used by cefSharp and chromium. Google chrome version 86.0.4240.111 or newer has this vulnerability patched, but that of course depends on...