Hello Team,
We are requesting a response pertaining to the attached CVEs. Is a patch in progress? If not is there a remediation timeframe in place? Please let us know if you have any questions or if there is a better place to reach out to. Sincerely, Oscar Moreno Sarmiento Meraki Security Engineer
Jira Ticket,CVE,PackageMan,Package,Version,Resolved Status,Resolution Date,Comments FEDAPPSEC-11411,CVE-2023-3635,gav,//com.squareup.okio,okio,,, FEDAPPSEC-11128,CVE-2023-34462,gav,//io.netty,netty-handler,,, FEDAPPSEC-11112,CVE-2023-35116,gav,//com.fasterxml.jackson.core,jackson-databind,,, FEDAPPSEC-11112,CVE-2023-35116,gav,//com.fasterxml.jackson.core,jackson-databind,,, FEDAPPSEC-11020,CVE-2023-2976,gav,//com.google.guava,guava,,, FEDAPPSEC-10122,CVE-2023-26049,gav,//org.eclipse.jetty,jetty-server,,, FEDAPPSEC-10108,CVE-2023-26048,gav,//org.eclipse.jetty,jetty-server,,, FEDAPPSEC-9928,CVE-2023-20863,gav,//org.springframework,spring-core,,, FEDAPPSEC-9333,CVE-2023-20861,gav,//org.springframework,spring-core,,, FEDAPPSEC-7722,CVE-2022-41946,gav,//org.postgresql,postgresql,,, FEDAPPSEC-7591,CVE-2022-45146,gav,//org.bouncycastle,bc-fips,,, FEDAPPSEC-6811,CVE-2016-1000027,gav,//org.springframework,spring-web,,, FEDAPPSEC-5920,VulnDB-90804,gav,//commons-cli,commons-cli,,,
