-
Task
-
Resolution: Done
-
Neutral
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
https://nvd.nist.gov/vuln/detail/cve-2022-23221
https://ossindex.sonatype.org/vulnerability/a6f315cb-0e59-4ceb-9bd0-2567b7daef86?component-type=maven&component-name=com.h2database.h2&utm_source=dependency-check&utm_medium=integration&utm_content=6.3.1
https://github.com/h2database/h2database/security/advisories/GHSA-h376-j262-vhq6
Dismissed because
- Magnolia doesn't deploy the console in the embedded mode
- Magnolia doesn't use a JDBC configuration through which it is vulnerable, (see https://git.magnolia-cms.com/projects/PLATFORM/repos/ce/browse/magnolia-empty-webapp/src/main/webapp/WEB-INF/config/repo-conf/jackrabbit-bundle-h2-search.xml#25)
Acceptance criteria