nextflow icon indicating copy to clipboard operation
nextflow copied to clipboard

Published 20 hours ago verified publisher icon nextflow-io

Upgrade libraries on 23.10.1

Open arnaualcazar opened this issue 1 month ago • 0 comments

Some libraries found in version 23.10.1 do have vulnerabilities. They need to be updated to the following min version:

Affected library Severity Min version needed
org.pf4j/pf4j High 3.10.0
ch.qos.logback/logback-classic High 1.4.14
ch.qos.logback/logback-core High 1.4.14
io.projectreactor.netty:reactor-netty-http High 1.1.13
io.projectreactor.netty/reactor-netty-core High 1.1.13
io.netty:netty-codec-http2 High 4.1.100.Final
org.apache.commons/commons-compress High 1.26.0
com.squareup.okio:okio High 3.4.0
com.google.guava/guava High 32.0.0-jre
io.netty:netty-codec-http2 High 4.1.100.Final
org.eclipse.jgit/org.eclipse.jgit High 6.6.1.202309021850-r
io.grpc/grpc-protobuf High 1.53.0

arnaualcazar avatar May 16 '24 08:05 arnaualcazar