Skip to content

Commit

Permalink
CVE-2023-42503: CVE-2023-42503: Apache Commons Compress denial of ser…
Browse files Browse the repository at this point in the history 
…vice vulnerability. More info: https://nvd.nist.gov/vuln/detail/CVE-2023-42503
  • Loading branch information
@pefernan
pefernan committed Oct 30, 2023
1 parent 928271a commit 53a6de2
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions kogito-build/kogito-dependencies-bom/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,7 @@
<version.com.github.stephenc.jcip>1.0-1</version.com.github.stephenc.jcip>
<version.black.ninia>4.1.1</version.black.ninia>
<version.com.google.guava>32.0.1-jre</version.com.google.guava>
<version.apache.commons.commons-compress>1.24.0</version.apache.commons.commons-compress>
</properties>

<dependencyManagement>
Expand All @@ -134,6 +135,12 @@
<artifactId>guava</artifactId>
<version>${version.com.google.guava}</version>
</dependency>
<!-- CVE-2023-42503: Apache Commons Compress denial of service vulnerability. More info: https://nvd.nist.gov/vuln/detail/CVE-2023-42503 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-compress</artifactId>
<version>${version.apache.commons.commons-compress}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
Expand Down

0 comments on commit 53a6de2

Please sign in to comment.