You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@jclouds.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2021/11/10 10:53:00 UTC

[jira] [Commented] (JCLOUDS-1588) Vulnerability detected in gson <2.8.9

    [ https://issues.apache.org/jira/browse/JCLOUDS-1588?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17441662#comment-17441662 ] 

ASF subversion and git services commented on JCLOUDS-1588:
----------------------------------------------------------

Commit 14e92fc8c82bc47ef90a25ee219861069ecf3193 in jclouds's branch refs/heads/master from Juan Cabrerizo
[ https://gitbox.apache.org/repos/asf?p=jclouds.git;h=14e92fc ]

JCLOUDS-1588: Bump google gson to 2.8.9 due to detected vulnerability (#124)



> Vulnerability detected in gson <2.8.9
> -------------------------------------
>
>                 Key: JCLOUDS-1588
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-1588
>             Project: jclouds
>          Issue Type: Bug
>            Reporter: Juan D. Cabrerizo
>            Priority: Major
>
> Snyk identifies now the previos versions of Google gson as vulnerable. The PR updates gson to the fixed version.
> Snyk report: [https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327]
> gson PR: [google/gson#1991|https://github.com/google/gson/pull/1991]
>  
> https://github.com/apache/jclouds/pull/124



--
This message was sent by Atlassian Jira
(v8.20.1#820001)