-
Task
-
Resolution: Done
-
High
-
None
-
None
2019/4/17:
com.h2 database:
We update the version of h2 to 1.4.199, currently the threat level is 6. this is not only used during the unit-testing, just this Component named function-test.
com.github.roskart.dropwizard-jaxws : dropwizard-jaxws-example v.1.0.5 has 10 CVE's
Yes, we confirmed. and we are also searching for the alternative.
org.postgresql : postgresql : 42.2.5,
the related CVE is marked as disputed (see https://nvd.nist.gov/vuln/detail/CVE-2019-9193 for further details). and it's commonly used and without newer version. we'd like to ask exception for it.
Jackson: we are working on using the Gson as the Alternative of jackson