Uploaded image for project: 'Policy Framework'
  1. Policy Framework
  2. POLICY-4405

Mitigate vulnerable dependencies in drools-pdp

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Medium Medium
    • London Release
    • None
    • drools-pdp
    • None
    • Policy 2022-10-27->2022-11-09, Policy 2022-11-09->2022-11-23, Policy 2022-11-30->2022-12-14, Policy 2023-01-04->2023-01-18, Policy 2023-01-25->2023-02-08, Policy 2023-02-08->2023-02-22, Policy 2023-02-22->2023-03-08

      There are a few dependencies in drools-pdp that are showing up in the CLM runs as being vulnerable. They are:
      10     Security - Critical vulnerabilities    com.thoughtworks.xstream : xstream : 1.4.17
      10     Security - Critical vulnerabilities    org.apache.maven : maven-compat : 3.3.9
      10     Security - Critical vulnerabilities    org.apache.maven : maven-core : 3.3.9
      10     Security - Critical vulnerabilities    org.apache.maven : maven-settings : 3.3.9
      10     Security - Critical vulnerabilities    org.jsoup : jsoup : 1.7.2

      See the CLM report for drools-pdp for more information.

        1. onap-policy-drools-applications-Build-20221126-013829.pdf
          836 kB
          liamfallon
        2. onap-policy-drools-pdp-Build-20221126-193740.pdf
          960 kB
          liamfallon

            ja043n ja043n
            liamfallon liamfallon
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: