CVEs with yamlbeans and apache.commons:commons-compress 

Trivy is reporting 4 CVEs (2 High/2 Medium) on the versions of com.esotericsoftware.yamlbeans:yamlbeans and org.apache.commons:commons-compress. Both libraries have remediated versions available:

| Library | Current Version | Remediated Version |
| --- | --- | --- |
| com.esotericsoftware.yamlbeans:yamlbeans | 1.15 | 1.17 |
| org.apache.commons:commons-compress | 1.24.0 | 1.26.0 |

[trivy_report_sonar-perl-plugin.txt](https://github.com/user-attachments/files/17978878/trivy_report_sonar-perl-plugin.txt)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVEs with yamlbeans and apache.commons:commons-compress #154

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Library	Current Version	Remediated Version
com.esotericsoftware.yamlbeans:yamlbeans	1.15	1.17
org.apache.commons:commons-compress	1.24.0	1.26.0

CVEs with yamlbeans and apache.commons:commons-compress #154

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions