rocket-bi icon indicating copy to clipboard operation
rocket-bi copied to clipboard

Published 20 hours ago verified publisher icon datainsider-co

Shiro 1.4.0 has component vulnerability, please upgrade it to >= 1.4.2

Open keyihao opened this issue 1 year ago • 1 comments

We tried the pre-built docker image and our corp vulnerability system warns that Shiro 1.4.0 has Padding Vulnerability [https://issues.apache.org/jira/browse/SHIRO-721]. Please help upgrade the Shiro version to >= 1.4.2. Thanks.

keyihao avatar Jan 24 '24 02:01 keyihao

hi @keyihao , Thank you for the issue, for a better way. You can manually upgrade Shiro in the pom.xml file. We will release an upgrade in the next release.

tvc12 avatar Jan 26 '24 03:01 tvc12