- changed status to resolved
H2 Vulnerabilities
Issue #1120
resolved
Vulnerabilities from dependencies:
CVE-2022-23221
CVE-2021-42392
CVE-2021-23463
CVE-2019-0227
CVE-2014-3596
See https://mvnrepository.com/artifact/net.sf.okapi/okapi-lib/1.42.0
and https://mvnrepository.com/artifact/net.sf.okapi.tm/okapi-tm-simpletm/1.42.0
The dependency is:
groupId: com.h2database
artifactId: h2
Right now we are at version 1.4.199, the latest is 2.1.210
I remember I tried to update it a while ago, but failed.
The comment in superpom/pom.xml is <!-- 1.4.200 breaks Rainbow integration -->
Comments (2)
-
reporter
-
reporter
Merged in mihai_h2_update (pull request #588)
Fix
#1120: H2 VulnerabilitiesApproved-by: Chase Tingley
→ <<cset 68f629890482>>
- Log in to comment
Fix
#1120: H2 Vulnerabilities→ <<cset 0693d0fa482d>>