You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "Tal Ron (Jira)" <ji...@apache.org> on 2024/02/08 08:47:00 UTC
[jira] [Created] (TINKERPOP-3050) severity security vulnerability in logback-core
Tal Ron created TINKERPOP-3050:
----------------------------------
Summary: severity security vulnerability in logback-core
Key: TINKERPOP-3050
URL: https://issues.apache.org/jira/browse/TINKERPOP-3050
Project: TinkerPop
Issue Type: Bug
Components: console
Affects Versions: 3.6.6
Reporter: Tal Ron
used logback-core version is: 1.2.11- [CVE-2023-6378|https://github.com/advisories/GHSA-vmq6-5m68-f53m]
[https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6378]
[https://github.com/advisories/GHSA-vmq6-5m68-f53m]
I see that even latest v1.2.13 has security issue:
[https://mvnrepository.com/artifact/ch.qos.logback/logback-core]
1.3.12, 1.3.14, 1.4.12 and latest 1.4.14 are currently safe
--
This message was sent by Atlassian Jira
(v8.20.10#820010)