spring data jpa - Resolved OWASP issues still seems to be reported -
i upgraded spring-data-jpa v1.11.0.release mitigate https://pivotal.io/security/cve-2016-6652 reported owasp-dependency plugin.
as per webpage upgrading ingalls (v1.11.0) should have fix issue still gets reported owasp dependency check plugin.
i think issues updated via https://nvd.nist.gov/vuln/data-feeds not find easy way root cause. assume either feed not updated or missing something.
thanks!
Comments
Post a Comment