-
Task
-
Resolution: Done
-
Neutral
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
-
Yes
https://nvd.nist.gov/vuln/detail/CVE-2023-39017
The issue would actually concern the artifact quartz-jobs which Magnolia doesn't use but the CPE erroneously matches any quartz artifact, see also https://github.com/quartz-scheduler/quartz/issues/943#issuecomment-1666141115
[INFO] | +- info.magnolia.task:magnolia-task-management:jar:1.2.11:compile [INFO] | | +- org.quartz-scheduler:quartz:jar:2.3.2:compile
Acceptance criteria