[jira] [Created] (TIKA-4099) Upgrade Bouncy Castle to 1.74

Thu, 13 Jul 2023 00:03:17 -0700 

Nicolò Mendola created TIKA-4099:
------------------------------------

             Summary: Upgrade Bouncy Castle to 1.74
                 Key: TIKA-4099
                 URL: https://issues.apache.org/jira/browse/TIKA-4099
             Project: Tika
          Issue Type: Task
    Affects Versions: 2.8.0
            Reporter: Nicolò Mendola


Could you please Upgrade Bounc Castle Dependency to Version 1.74?

 
{code:java}
┌───────────────────────────────────────────┬────────────────┬──────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────────────┐
│                  Library                  │ Vulnerability  │ Severity │ 
Installed Version │ Fixed Version │                           Title             
              │
├───────────────────────────────────────────┼────────────────┼──────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────────────┤
│ org.bouncycastle:bcprov-jdk18on           │ CVE-2023-33201 │ MEDIUM   │ 1.73  
            │ 1.74          │ potential blind LDAP injection attack using a 
self-signed │
│  │                │          │                   │               │ 
certificate                                               │
│                                           │                │          │       
            │               │ https://avd.aquasec.com/nvd/cve-2023-33201        
        │
└───────────────────────────────────────────┴────────────────┴──────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────────────┘
 {code}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to