swagger-core icon indicating copy to clipboard operation
swagger-core copied to clipboard

Published 20 hours ago verified publisher icon swagger-api

MavenGate (CVE)

Open diyfr opened this issue 1 year ago • 0 comments

XFrog triggers an alert on packages io.swagger.core :

  • swagger-annotations-jakarta
  • swagger-models-jakarta
  • swagger-core-jakarta

https://blog.oversecured.com/Introducing-MavenGate-a-supply-chain-attack-method-for-Java-and-Android-applications
https://www.sonatype.com/sonatypes-ongoing-commitment-to-maven-central

diyfr avatar Feb 08 '24 08:02 diyfr