mariusssi issues

Results 4 issues of


                                            mariusssi

Update netty-3.10.6.Final (vulnerable)

netty-3.10.6.Final.jar has known reported vulnerabilities (CVE-2019-16869, CVE-2019-20444, CVE-2019-20445, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409), some critical, and is still being used in pinpoint-agent-2.2.2. Can it be updated ? Alternatively, what would be the...

question

security

dependencies

Batik 1.9.1 CRITICAL vulnerability CVE-2018-8013 (batik-dom)

There's another critical CVE in batik, https://nvd.nist.gov/vuln/detail/CVE-2018-8013 Unfortunately the latest version of kettle we can grab (9.4.0.0-343) still has batik-1.9.1 in it. If no update, can you share if this...

Update org.dom4j in kettle-core and kettle-engine (v2.1.1 has critical vulnerability)

**dom4j** is still version **2.1.1** in both the engine and core packages. And this has a critical CVE, **CVE-2020-10683** , we need to fix. Could you please upgrade to 2.1.3...

Batik 1.9.1 vulnerability (CVE-2020-11987) in kettle-core

I have this CVE reported in my application for about 1 year (on 9.3.0.0-428). https://github.com/advisories/GHSA-2h63-qp69-fwvw (High Severity) Would need **batik** 1.14+ Wanted to upgrade but it's the same version in...