easy-batch
easy-batch copied to clipboard
Hello! We found a vulnerable dependency in your project. Are you aware of it?
Hi! We spot a vulnerable dependency in your project, which might threaten your software. And we found that the vulnerable function of this CVE can be easily accessed from your software.
- CVE_ID: CVE-2021-39154
- Vulnerable dependency: com.thoughtworks.xstream:xstream
- Your invocation path to the vulnerable method:
org.jeasy.batch.extensions.xstream.XstreamRecordMarshaller:<init>()
⬇️
com.thoughtworks.xstream.XStream:<init>()
⬇️
...
⬇️
com.thoughtworks.xstream.XStream:setupSecurity()
Therefore, maybe you need to upgrade this dependency. Hope this can help you! 😄