Project

General

Profile

Actions
Copy link

Bug #19425

closed

False-positive vulnerability in cve dependencies

Added by Alexis Mousset over 3 years ago. Updated about 3 years ago.

Status:
Released
Priority:
N/A
Assignee:
François ARMAND
Category:
Packaging
Target version:
6.1
Pull Request:
https://github.com/Normation/rudder-p...
Severity:
UX impact:
User visibility:
Effort required:
Priority:
0
Name check:
To do
Fix check:
To do
Regression:

Description

The detected vulnerability is:

refined_2.13-0.9.20.jar: CVE-2021-34364

which affects a browser extension (https://github.com/sindresorhus/refined-github) and not a scala lib (https://github.com/fthomas/refined)

Actions
Copy link
 #1

Updated by Alexis Mousset over 3 years ago

  • Project changed from Rudder tools to Rudder plugins
  • Category set to Packaging
  • Assignee set to Alexis Mousset
  • Target version changed from master to 6.1
Actions
Copy link
 #2

Updated by Alexis Mousset over 3 years ago

  • Status changed from New to In progress
Actions
Copy link
 #3

Updated by Alexis Mousset over 3 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Alexis Mousset to François ARMAND
  • Pull Request set to https://github.com/Normation/rudder-plugins-private/pull/181
Actions
Copy link
 #4

Updated by Alexis Mousset over 3 years ago

  • Status changed from Pending technical review to Pending release

Applied in changeset rudder-plugins-private:commit:rudder-plugins-private|78b17624c38b6fe312a713c2894ba071f7b28535.

Actions
Copy link
 #5

Updated by Vincent MEMBRÉ about 3 years ago

  • Status changed from Pending release to Released
Actions
Copy link

Also available in: Atom PDF