You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The compile time dependency org.sonatype.plexus:plexus-build-api:0.0.7 has itself a dependency on org.codehaus.plexus:plexus-utils:1.5.8 that has 3 CVEs reported, including a CRITICAL one.
Yes, a stale issue referecing the same problem from 2022: #11968
Suggest a fix
Upgrading org.sonatype.plexus:plexus-build-api to at least 1.0.0. I don't know how that might affect the code itself.
Forcing this version in my codebase (through an explicit dependency on org.sonatype.plexus:plexus-build-api:1.2.0) seems to actually cause no issues, for the usage I have anyway.
The text was updated successfully, but these errors were encountered:
Description
The compile time dependency
org.sonatype.plexus:plexus-build-api:0.0.7has itself a dependency onorg.codehaus.plexus:plexus-utils:1.5.8that has 3 CVEs reported, including a CRITICAL one.openapi-generator version
openapi-generator-maven-plugin, V 7.7.0
OpenAPI declaration file content or url
Not applicable
Generation Details
Not applicable
Steps to reproduce
Not applicable
Related issues/PRs
Yes, a stale issue referecing the same problem from 2022: #11968
Suggest a fix
Upgrading
org.sonatype.plexus:plexus-build-apito at least1.0.0. I don't know how that might affect the code itself.Forcing this version in my codebase (through an explicit dependency on
org.sonatype.plexus:plexus-build-api:1.2.0) seems to actually cause no issues, for the usage I have anyway.The text was updated successfully, but these errors were encountered: