smolnar82 commented on PR #1086: URL: https://github.com/apache/knox/pull/1086#issuecomment-3351439930
> I will try to test the demo-ldap part, though I have no prior experience with this Repo , it might take me some time. @devaspatikrishnatri - then why did you submit this change? The Knox team checks the project dependencies time to time, we always fix issue with Critical/High CVEs. In this particular case, the project already uses `2.0.27`, which, at the moment, has **`0`** CVEs: <img width="1380" height="836" alt="image" src="https://github.com/user-attachments/assets/913b8592-5d2d-4bf8-9759-7a23cd9825a5"; /> I checked [KNOX-3191](https://issues.apache.org/jira/browse/KNOX-3191), where the only description I see: ``` Upgrade mina-core to 2.2.4 to fix CVEs. ``` Which CVEs are you referring to? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
