Hello,
We're using your librarie in one of our projects, and while resolving it's vulnerabilities, it seems that the latest version available on the maven repository repository does not resolved these CVE :
[ERROR] swagger-parser-core-2.1.22.jar: CVE-2019-7238(9.8), CVE-2020-10204(7.2), CVE-2020-10199(8.8)
[ERROR] swagger-parser-safe-url-resolver-2.1.22.jar: CVE-2022-2900(9.1), CVE-2022-2216(9.8)
We're using owasp dependency check
org.owasp
dependency-check-maven
Are those in your backlog at the moment ?
Thank you.
Hello,
We're using your librarie in one of our projects, and while resolving it's vulnerabilities, it seems that the latest version available on the maven repository repository does not resolved these CVE :
[ERROR] swagger-parser-core-2.1.22.jar: CVE-2019-7238(9.8), CVE-2020-10204(7.2), CVE-2020-10199(8.8)
[ERROR] swagger-parser-safe-url-resolver-2.1.22.jar: CVE-2022-2900(9.1), CVE-2022-2216(9.8)
We're using owasp dependency check
org.owasp
dependency-check-maven
Are those in your backlog at the moment ?
Thank you.