spring-framework-petclinic icon indicating copy to clipboard operation
spring-framework-petclinic copied to clipboard

Published 20 hours ago verified publisher icon spring-petclinic

Security Vulnerability with H2

Open muralits opened this issue 3 years ago • 1 comments

CRITICAL Vulnerability found in non-os package type (java) - /app/app.jar:BOOT-INF/lib/h2-1.4.200.jar (CVE-2021-23463 - https://nvd.nist.gov/vuln/detail/CVE-2021-23463)

How to fix this?

muralits avatar Mar 15 '22 05:03 muralits

We have to upgrade the H2 database version. Do you want to work on this subject?

arey avatar Mar 15 '22 07:03 arey

Fix with https://github.com/spring-petclinic/spring-framework-petclinic/pull/61

arey avatar Sep 17 '22 12:09 arey