We're updating the issue view to help you get more done. 

Hibernate has a dependency on plexus-utils:3.0.1 that is vulnerable to CVE-2017-1000487 with a CVSS of 7.5

Description

Environment

None

Status

Assignee

Sebastian Nohn

Reporter

Sebastian Nohn

Fix versions

Labels

None

backPortable

Backport?

Suitable for new contributors

None

Requires Release Note

None

backportDecision

None

Components

Affects versions

5.4.3
5.2.18
5.3.10

Priority

Major