Details
-
Task
-
Resolution: Done
-
Neutral
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
Description
One or more dependencies were identified with known vulnerabilities: magnolia-community-webapp-6.2-SNAPSHOT.war: microprofile-config-api-2.0.jar (pkg:maven/org.eclipse.microprofile.config/microprofile-config-api@2.0, cpe:2.3:a:payara:payara:2.0:*:*:*:*:*:*:*) : CVE-2022-37422 microprofile-config-api-2.0.jar (pkg:maven/org.eclipse.microprofile
The CVE is for payara micro server (not used by Magnolia) rather than microprofile config api, see https://nvd.nist.gov/vuln/detail/CVE-2022-37422
Checklists
Acceptance criteria