Provides transitive vulnerable dependency org.bouncycastle:bcprov-jdk15on:1.67 Vulnerability with high severity found #103
Comments
|
怎么给关闭了呀 @Jeffreykzli |
|
bcprov-jdk15on:1.67 这个依赖有漏洞,需要处理一下的 |
|
咱们SDK最低支持jdk18,为什么不将bcprov提升为jdk18on? |
|
Open
|
我们会排期安排升级依赖哈,已经录了需求单,待后续排期、升级、测试没问题之后,会安排发布 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://advisory.checkmarx.net/advisory/vulnerability/Cxa9261daf-3755/
The text was updated successfully, but these errors were encountered: