Skip to content

[Question] Is there a plan to fix the vulnerabilities in the dependency software? #1497

New issue
New issue
Closed as not planned
Closed as not planned
[Question] Is there a plan to fix the vulnerabilities in the dependency software?#1497
Labels
question
@minchai23

Description

@minchai23
minchai23
opened on May 25, 2024

Search before asking

  • I had searched in the issues and found no similar issues.

Question

  1. CVE-2023-39017 in Quartz 2.3.2,API misuse of org.quartz.jobs.ee.jms.SendQueueMessageJob.execute would lead the code injection vulnerability. quartz-scheduler/quartz#943
  2. Other Vulnerabilities in Spring Boot's dependent software

Metadata

Metadata

Assignees

No one assigned

    Labels

    question

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions