Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False positive for quarkus-core 3.8.4 vulnerability #4483

Closed
khaledgithubwl opened this issue Jun 3, 2024 · 3 comments
Closed

False positive for quarkus-core 3.8.4 vulnerability #4483

khaledgithubwl opened this issue Jun 3, 2024 · 3 comments

Comments

@khaledgithubwl
Copy link

hello I am experiencing some issues regarding this component I am using quarkus-core 3.8.4 and it raises whith github advisories this finding: GHSA-f8h5-v2vg-46rr
Can you please tell me why i get this vulnerability in this version.. as I am seeing in the link here that the version 3.8.4 is a patched version.

Best regards,
@codespearhead
Copy link

codespearhead commented Jun 11, 2024
edited
Loading

What tool is alerting you that 3.8.4 is affected by CVE-2024-2700?

@khaledgithubwl
Copy link
Author

@codespearhead it is dependency track

@github github deleted a comment from hotcoding85 Jun 27, 2024
@darakian
Copy link
Contributor

@codespearhead it is dependency track

Please raise this issue to the dependency track team

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@darakian @codespearhead @khaledgithubwl