Community
Participate
Working Groups
Dependabot has reported the following. Maybe consider configuring Dependabot to create PRs [1]. eclipse / microprofile-sandbox Known security vulnerabilities detected Dependency junit:junit Version >= 4.7 < 4.13.1 Upgrade to ~> 4.13.1 Defined in pom.xml Suggested update #81 Vulnerabilities CVE-2020-15250 Moderate severity Dependency commons-io:commons-io Version < 2.7 Upgrade to ~> 2.7 Defined in pom.xml Suggested update #83 Vulnerabilities CVE-2021-29425 Moderate severity Dependency org.jboss.resteasy:resteasy-client-microprofile Version <= 4.5.6.Final Upgrade to ~> 4.5.7.Final Defined in pom.xml Suggested update #84 Vulnerabilities CVE-2020-25633 Moderate severity Dependency org.hibernate.validator:hibernate-validator Version >= 6.1.0.Final <= 6.1.4.Final Upgrade to ~> 6.1.5.Final Defined in pom.xml Suggested update #85 Vulnerabilities CVE-2020-10693 Moderate severity [1] https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/enabling-and-disabling-version-updates