-
Task
-
Resolution: Done
-
Medium
-
None
-
SDC Sprint 24
LF CLM report identified a vulnerability in the flowing dependency:
group: org.apache.cxf
Artifact: cxf-common-utilities
this dependency was identified in:
Dependency org.apache.cxf:cxf-common-utilities:jar:2.2.2 located at Module org.openecomp.sdc.onboarding:notifications-fe:war:1.3.0-SNAPSHOT
the closest version with a fix is 2.2.9
comes from cxf-rt-transports-http upgrading it may solve the issue