[jira] [Commented] (FLINK-38064) Bump cyclonedx-maven-plugin from 2.7.7 to 2.9.1

Siddharth R (Jira) Tue, 08 Jul 2025 12:08:04 -0700


    [ 
https://issues.apache.org/jira/browse/FLINK-38064?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18003874#comment-18003874
 ]


Siddharth R commented on FLINK-38064:
-------------------------------------

[~skononov] created this new Jira for better tracking :)

> Bump cyclonedx-maven-plugin from 2.7.7 to 2.9.1
> -----------------------------------------------
>
>                 Key: FLINK-38064
>                 URL: https://issues.apache.org/jira/browse/FLINK-38064
>             Project: Flink
>          Issue Type: Improvement
>            Reporter: Siddharth R
>            Priority: Major
>
> Bump cyclonedx-maven-plugin from 2.7.7 to 2.9.1 to remediate the findings in 
> the dependant packages.
>  
> Vulnerabilities from dependencies:
> [CVE-2024-38374|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38374]
>  
> Package details:
> [https://mvnrepository.com/artifact/org.cyclonedx/cyclonedx-maven-plugin/2.9.1]
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (FLINK-38064) Bump cyclonedx-maven-plugin from 2.7.7 to 2.9.1

Reply via email to