[jira] [Updated] (MSHARED-1133) Switch to JUnit 5 and drop junit-addons

Michael Osipov (Jira) Sun, 11 Sep 2022 09:45:06 -0700


     [ 
https://issues.apache.org/jira/browse/MSHARED-1133?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Michael Osipov updated MSHARED-1133:
------------------------------------
    Summary: Switch to JUnit 5 and drop junit-addons  (was: Switch to Junit5 
and drop junit-addons)

> Switch to JUnit 5 and drop junit-addons
> ---------------------------------------
>
>                 Key: MSHARED-1133
>                 URL: https://issues.apache.org/jira/browse/MSHARED-1133
>             Project: Maven Shared Components
>          Issue Type: Dependency upgrade
>          Components: maven-reporting-impl
>            Reporter: Sylwester Lachiewicz
>            Assignee: Sylwester Lachiewicz
>            Priority: Minor
>             Fix For: maven-reporting-impl-4.0.0-M3
>
>
> fixes bellow reported issues in tests
> Provides transitive vulnerable dependency xerces:xercesImpl:2.6.2
> CVE-2012-0881 7.5 Vulnerability with medium severity found
> CVE-2018-2799 5.3 Uncontrolled Resource Consumption vulnerability pending 
> CVSS allocation
> CVE-2013-4002 7.1 Uncontrolled Resource Consumption vulnerability pending 
> CVSS allocation
> CVE-2020-14338 5.3 Improper Input Validation vulnerability pending CVSS 
> allocation
> CVE-2009-2625 5.0 Vulnerability with medium severity found
> CVE-2017-10355 5.3 Uncontrolled Resource Consumption vulnerability pending 
> CVSS allocation
> CVE-2022-23437 6.5 XML Injection (aka Blind XPath Injection) vulnerability 
> pending CVSS allocation
> Results powered by Checkmarx(c)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (MSHARED-1133) Switch to JUnit 5 and drop junit-addons

Reply via email to