parceler icon indicating copy to clipboard operation
parceler copied to clipboard

Published 20 hours ago verified publisher icon johncarl81

Facing Vulnerabilities in parceler library

Open KaviIDPal opened this issue 5 years ago • 1 comments

While using annotationProcessor there are 5 Vulnerabilities Found in CRITICAL .

Below the library version we are used: implementation 'org.parceler:parceler-api:1.1.13' annotationProcessor 'org.parceler:parceler:1.1.13'

Vulnerabilities ID parceler-1.1.13.jar (shaded: commons-beanutils:commons-beanutils:1.9.2) parceler-1.1.13.jar (shaded: commons-collections:commons-collections:3.2.1)

I have already raised a ticket, in this ticket you mentioned that it has been fixed but it was not reflected in our codebase. Is this changes tag to master? or please give some pointers to avoid this vunerability? Thanks

Previous ticket link: https://github.com/johncarl81/parceler/issues/383

KaviIDPal avatar Apr 03 '20 08:04 KaviIDPal

It's fixed, just not pushed to maven central under a release.

johncarl81 avatar Apr 12 '20 22:04 johncarl81