You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Don't know if this is the correct channel post for CVE-2020-26945 that was flag by Owasp scan.
Recently we did a OWASP scan on the libs for my project and a vulnerability was flagged for mybatis-spring-2.0.5.jar on CVE-2020-26945 to use mybatis-3.5.6.
Thus I have up only mybatis to 3.5.6 with mybatis-spring-2.0.5 and did another owasp scan. The vulnerability is still being reported.
Thinking maybe I need to up mybatis-spring to 2.0.6 wth 3.5.6 and did another scan. The vulnerability is still being reported. Is there issue with the dependency?
Don't know if this is the correct channel post for CVE-2020-26945 that was flag by Owasp scan.
Recently we did a OWASP scan on the libs for my project and a vulnerability was flagged for mybatis-spring-2.0.5.jar on CVE-2020-26945 to use mybatis-3.5.6.
Thus I have up only mybatis to 3.5.6 with mybatis-spring-2.0.5 and did another owasp scan. The vulnerability is still being reported.
Thinking maybe I need to up mybatis-spring to 2.0.6 wth 3.5.6 and did another scan. The vulnerability is still being reported. Is there issue with the dependency?
The fact that synk seems to show its correct here https://snyk.io/vuln/SNYK-JAVA-ORGMYBATIS-1017032
For expert advice. Thanks alot.
Best Regards,
Taroace22
The text was updated successfully, but these errors were encountered: