New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Snyk: libsnowflakeclient org.apache.velocity:velocity 1.7 | Snyk ID - SNYK-JAVA-ORGAPACHEVELOCITY-3116414 #574

Closed

github-actions bot opened this issue Oct 24, 2023 · 1 comment

github-actions bot commented Oct 24, 2023

Title: Snyk: libsnowflakeclient org.apache.velocity:velocity 1.7
Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/2c3699a7-7835-40f3-b3d9-5c315754e1f6
Repo: libsnowflakeclient
CVE: CVE-2020-13936
Package Type: java
Package Name: org.apache.velocity:velocity
Package Version: 1.7
Snyk ID: SNYK-JAVA-ORGAPACHEVELOCITY-3116414
Vulnerability URL: http://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEVELOCITY-3116414
Severity: high
Introduced Date: 2023-06-30
Projects with Vulnerability: snowflakedb/libsnowflakeclient:deps/aws-sdk-cpp-1.3.50/code-generation/generator/pom.xml
Target File: deps/aws-sdk-cpp-1.3.50/code-generation/generator/pom.xml
JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-949039

ghost commented Nov 22, 2023

fixed in 1.0.1 #523

ghost closed this as completed

This issue was closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment