You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
groovy 2.4.5 is outdated and vulnerabilities are reported with 2.4.5 version.
Vulnerabilities reported :
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, an attacker could bake a special serialized object that will execute code directly when deserialized. All applications that rely on serialization and do not isolate the code that deserializes objects were subject to this vulnerability
Can we upgrade groovy version to 2.5.8?
The text was updated successfully, but these errors were encountered:
groovy 2.4.5 is outdated and vulnerabilities are reported with 2.4.5 version.
Vulnerabilities reported :
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, an attacker could bake a special serialized object that will execute code directly when deserialized. All applications that rely on serialization and do not isolate the code that deserializes objects were subject to this vulnerability
Can we upgrade groovy version to 2.5.8?
The text was updated successfully, but these errors were encountered: