You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The latest release of classif takes dependency on org.apache.logging.log4j:log4j-core:jar:2.11.2 which has multiple direct CVEs against it.
This CVEs are being passed into the latest release of org.revapi:revapi-java (version 0.28.0).
Please release a version with the dependency org.apache.logging.log4j:log4j-core upgraded to version 2.17.1 or greater where these direct CVEs have been resolved.
I'm linking here the issue that I've opened with revapi as well. revapi/revapi#284
The text was updated successfully, but these errors were encountered:
The latest release of classif takes dependency on
org.apache.logging.log4j:log4j-core:jar:2.11.2which has multiple direct CVEs against it.This CVEs are being passed into the latest release of
org.revapi:revapi-java(version 0.28.0).Please release a version with the dependency
org.apache.logging.log4j:log4j-coreupgraded to version 2.17.1 or greater where these direct CVEs have been resolved.I'm linking here the issue that I've opened with revapi as well.
revapi/revapi#284
The text was updated successfully, but these errors were encountered: