Is there any public reference to these "vulnerabilities" that we could look
at? Like many such reports,
they seem to be highly... theoretical. For example, this is what I found,
looking around the Web -
https://osv.dev/vulnerability/OSV-2023-696
if you click on the affected range of commits... it
Hello Lucene community team,
As most tech companies do, our security department is performing automated
vulnerability scans. They identified 2 similar Sonartypes on Lucene, on
all versions (as far as I know).
I've been wondering if the Lucene team plans to fix them, but could not
find the informa
