[FOLIO-1687] Security vulnerability reported in okapi-cli for vertx-web < 3.5.3, vertx-core < 3.5.4 Created: 08/Jan/19  Updated: 03/Jun/20  Resolved: 08/Jan/19

Status: Closed
Project: FOLIO
Components: None
Affects versions: None
Fix versions: None

Type: Task Priority: P3
Reporter: Peter Murray Assignee: Unassigned
Resolution: Duplicate Votes: 0
Labels: core, security, sprint54
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Issue links:
Blocks
blocks FOLIO-1605 Fix security vulnerabilities reported... Closed
Cloners
clones FOLIO-1677 Security vulnerability reported in mo... Closed
Duplicate
duplicates MODCXMOCK-18 Upgrade vertx dependency for vertx-we... Closed
duplicates OKCLI-10 Upgrade vertx dependency for vertx-we... Completed
Sprint:

 Description   

For https://github.com/folio-org/okapi-cli, GitHub reports these two security vulnerabilities in pom.xml.

Dependency: io.vertx:vertx-web with version >= 3.0.0, < 3.5.3

Proposed solution: Upgrade to ~> 3.5.3

Vulnerabilities:
CVE-2018-12540 High severity
CVE-2018-12542 Low severity

Dependency: io.vertx:vertx-core with version >= 3.0.0, < 3.5.4

Proposed solution: Upgrade to ~> 3.5.4

Vulnerabilities:
CVE-2018-12541 Low severity
CVE-2018-12537 Moderate severity



 Comments   
Comment by Peter Murray [ 08/Jan/19 ]

Duplicate of OKCLI-10 Completed

Generated at Thu Feb 08 23:15:10 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.