CVE-2016-7048 was updated on 2018-10-12 and is now breaking our builds. Upon further inspection, we see that this is a vulnerability to those using the interactive installer - clearly those of us downloading this artifact from Maven Central are not affected
False positive on library postgresql.jar - reported as cpe:2.3:a:postgresql:postgresql:9.3 - CVE-2016-7048
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
</dependency>At least versions >= 42.2.1 are affected.
CVE-2016-7048 was updated on 2018-10-12 and is now breaking our builds. Upon further inspection, we see that this is a vulnerability to those using the interactive installer - clearly those of us downloading this artifact from Maven Central are not affected
False positive on library postgresql.jar - reported as
cpe:2.3:a:postgresql:postgresql:9.3- CVE-2016-7048At least versions >= 42.2.1 are affected.