Hibernate has a dependency on apache-derby:10.11.1.1 that is vulnerable to CVE-2015-1832 with a CVSS of 9.1 and CVE-2018-1313 with a CVSS of 5.3
Description
None
Activity
Show:
Steve Ebersole July 9, 2021 at 12:28 AM
Fixed
Details
Details
Assignee
Sebastian NohnReporter
Sebastian NohnFix versions
Priority
MajorCreated July 8, 2021 at 9:12 PM
Updated July 19, 2021 at 9:15 AM
Resolved July 9, 2021 at 12:30 AM
To be clear… Hibernate has a dependency on Derby for testing. But still, worthwhile to upgrade