[jira] [Updated] (AXIS2-5930) CVE issues with dependency jars of axis2

tanishq pruthi (JIRA) Thu, 30 Aug 2018 00:04:24 -0700


     [ 
https://issues.apache.org/jira/browse/AXIS2-5930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


tanishq pruthi updated AXIS2-5930:
----------------------------------
    Description: 
The dependent jars in axis 2 package are not updated to latest version

Due to which, some of the jars contains vulnerabilities . Some of them are below

[mex-1.7.6-impl.jar|#l203_99ee5f563d035e3904894ea89c4550bb71ddf34b]

[axis2-kernel-1.7.6.jar|#l245_aa2e05c5dc080f7089072d17acfb9b1a50d8bda9]

[tribes-6.0.16.jar|#l321_50b300ff415ef0cf3af4f14ec03131cdcb019efa]

 Dependency check tool is giving the following CVE in these jar

*[CVE-2012-5351|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5351]*

*[CVE-2012-4418|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4418]* 
** 

  was:
The dependent jars in axis 2 package are not updated to latest version

Due to which, some of the jars contains vulnerabilities . Some of them are below

[mex-1.7.6-impl.jar|#l203_99ee5f563d035e3904894ea89c4550bb71ddf34b]

[axis2-kernel-1.7.6.jar|#l245_aa2e05c5dc080f7089072d17acfb9b1a50d8bda9]

[tribes-6.0.16.jar|#l321_50b300ff415ef0cf3af4f14ec03131cdcb019efa]

 


> CVE issues with dependency jars of axis2
> ----------------------------------------
>
>                 Key: AXIS2-5930
>                 URL: https://issues.apache.org/jira/browse/AXIS2-5930
>             Project: Axis2
>          Issue Type: Bug
>    Affects Versions: 1.7.8
>            Reporter: tanishq pruthi
>            Priority: Major
>
> The dependent jars in axis 2 package are not updated to latest version
> Due to which, some of the jars contains vulnerabilities . Some of them are 
> below
> [mex-1.7.6-impl.jar|#l203_99ee5f563d035e3904894ea89c4550bb71ddf34b]
> [axis2-kernel-1.7.6.jar|#l245_aa2e05c5dc080f7089072d17acfb9b1a50d8bda9]
> [tribes-6.0.16.jar|#l321_50b300ff415ef0cf3af4f14ec03131cdcb019efa]
>  Dependency check tool is giving the following CVE in these jar
> *[CVE-2012-5351|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5351]*
> *[CVE-2012-4418|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4418]*
>  ** 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Updated] (AXIS2-5930) CVE issues with dependency jars of axis2

Reply via email to