[jira] [Resolved] (JCRVLT-818) Vault CLI contains embedded vulnerable libraries

Konrad Windszus (Jira) Fri, 05 Sep 2025 10:02:06 -0700


     [ 
https://issues.apache.org/jira/browse/JCRVLT-818?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Konrad Windszus resolved JCRVLT-818.
------------------------------------
      Assignee: Konrad Windszus
    Resolution: Fixed

Fixed in 
https://github.com/apache/jackrabbit-filevault/commit/983bdec48b5772d6888d76c1b86899a90de735ef.

> Vault CLI contains embedded vulnerable libraries
> ------------------------------------------------
>
>                 Key: JCRVLT-818
>                 URL: https://issues.apache.org/jira/browse/JCRVLT-818
>             Project: Jackrabbit FileVault
>          Issue Type: Improvement
>    Affects Versions: 4.0.0
>            Reporter: Konrad Windszus
>            Assignee: Konrad Windszus
>            Priority: Major
>             Fix For: 4.0.2
>
>
> * logback-classic 1.2.10: 
> [CVE-2023-6378|https://logback.qos.ch/news.html#1.3.12]
>  * jackrabbit 2.20.16: 
> [CVE-2025-53689|https://www.cve.org/CVERecord?id=CVE-2025-53689]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (JCRVLT-818) Vault CLI contains embedded vulnerable libraries

Reply via email to