DataLinkDC
[Improvement][!web,*] Vulnerabilities in dependencies need to be improved
Search before asking
- [X] I had searched in the issues and found no similar feature requirement.
Description
Vulnerabilities in dependencies need to be improved all pom.xml
Use case
No response
Related issues
No response
Are you willing to submit a PR?
- [ ] Yes I am willing to submit a PR!
Code of Conduct
- [X] I agree to follow this project's Code of Conduct
jmx_prometheus_javaagent 0.16.1 CVE: CVE-2022-25857, CVE-2022-38752, CVE-2022-1471 See details in https://github.com/prometheus/jmx_exporter/releases
snakeyaml 1.33 CVE: CVE-2022-1471 See detail in https://bitbucket.org/snakeyaml/snakeyaml/wiki/Changes Related issues: https://github.com/StevenBuglione/spring-boot-2-snakeyaml2-upgrade https://github.com/Tencent/spring-cloud-tencent/issues/982 支持或者兼容 Snakeyaml 2.0 https://blog.csdn.net/LJQClqjc/article/details/128388601 漏洞深度分析|CVE-2022-1471 SnakeYaml 命令执行漏洞 https://blog.csdn.net/weixin_44981472/article/details/131943181 nakeyaml升级2.0版本遇见的坑,解决办法
guava 31.1-jre CVE: CVE-2023-2976, CVE-2020-8908 See details in https://github.com/google/guava/releases
Hello @, this issue has not been active for more than 30 days. This issue will be closed in 7 days if there is no response. If you have any questions, you can comment and reply.
你好 @, 这个 issue 30 天内没有活跃,7 天后将关闭,如需回复,可以评论回复。
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}