Build for Java 8; upgrade dependencies and plugins #27
Conversation
![sonatype-lift[bot]](https://avatars.githubusercontent.com/in/9843?s=60&v=4){kind=small}
| @@ -90,8 +90,8 @@ | |||
| <scope>test</scope> | |||
| </dependency> | |||
| <dependency> | |||
There was a problem hiding this comment.
Severe OSS Vulnerability:
pkg:maven/com.google.guava/guava@31.1-jre
0 Critical, 1 Severe, 0 Moderate, 0 Unknown vulnerabilities have been found across 1 dependencies
Components
pkg:maven/com.google.guava/guava@31.1-jre
SEVERE Vulnerabilities (1)
[sonatype-2020-0926] CWE-379: Creation of Temporary File in Directory with Incorrect Permissions
guava - Creation of Temporary File in Directory with Insecure Permissions [CVE-2020-8908]
The software creates a temporary file in a directory whose permissions allow unintended actors to determine the file's existence or otherwise access that file.
CVSS Score: 6.2
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-379
Reply with "@sonatype-lift help" for more info.
Reply with "@sonatype-lift ignore" to tell Liftbot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell Liftbot to leave out all the findings from this PR and from the status bar in Github.
When talking to Liftbot, you need to refresh the page to see its response. Click here to get to know more about Liftbot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
No description provided.