File tree Expand file tree Collapse file tree
cdap-credential-ext-gcp-wi Expand file tree Collapse file tree Original file line number Diff line number Diff line change 5454 <groupId >io.kubernetes</groupId >
5555 <artifactId >client-java</artifactId >
5656 <version >${k8s.version} </version >
57+ <exclusions >
58+ <exclusion >
59+ <groupId >commons-io</groupId >
60+ <artifactId >commons-io</artifactId >
61+ </exclusion >
62+ <exclusion >
63+ <groupId >org.apache.commons</groupId >
64+ <artifactId >commons-compress</artifactId >
65+ </exclusion >
66+ <exclusion >
67+ <groupId >org.bitbucket.b_c</groupId >
68+ <artifactId >jose4j</artifactId >
69+ </exclusion >
70+ </exclusions >
71+ </dependency >
72+ <!-- Fixes CVE-2021-35515, CVE-2023-31582, CVE-2024-47554 -->
73+ <dependency >
74+ <groupId >commons-io</groupId >
75+ <artifactId >commons-io</artifactId >
76+ </dependency >
77+ <dependency >
78+ <groupId >org.apache.commons</groupId >
79+ <artifactId >commons-compress</artifactId >
80+ </dependency >
81+ <dependency >
82+ <groupId >org.bitbucket.b_c</groupId >
83+ <artifactId >jose4j</artifactId >
84+ <version >${bitbucket.jose4j.version} </version >
5785 </dependency >
5886 <dependency >
5987 <groupId >com.squareup.okhttp3</groupId >
Original file line number Diff line number Diff line change 6868 <groupId >io.kubernetes</groupId >
6969 <artifactId >client-java</artifactId >
7070 <version >${k8s.version} </version >
71+ <exclusions >
72+ <exclusion >
73+ <groupId >commons-io</groupId >
74+ <artifactId >commons-io</artifactId >
75+ </exclusion >
76+ <exclusion >
77+ <groupId >org.apache.commons</groupId >
78+ <artifactId >commons-compress</artifactId >
79+ </exclusion >
80+ <exclusion >
81+ <groupId >org.bitbucket.b_c</groupId >
82+ <artifactId >jose4j</artifactId >
83+ </exclusion >
84+ </exclusions >
85+ </dependency >
86+ <!-- Fixes CVE-2021-35515, CVE-2023-31582, CVE-2024-47554 -->
87+ <dependency >
88+ <groupId >commons-io</groupId >
89+ <artifactId >commons-io</artifactId >
90+ </dependency >
91+ <dependency >
92+ <groupId >org.apache.commons</groupId >
93+ <artifactId >commons-compress</artifactId >
94+ </dependency >
95+ <dependency >
96+ <groupId >org.bitbucket.b_c</groupId >
97+ <artifactId >jose4j</artifactId >
98+ <version >${bitbucket.jose4j.version} </version >
7199 </dependency >
72100 <dependency >
73101 <groupId >io.kubernetes</groupId >
Original file line number Diff line number Diff line change 112112 <cdap .client.version>1.4.0</cdap .client.version>
113113 <commons .cli.version>1.2</commons .cli.version>
114114 <commons .collections.version>3.2.2</commons .collections.version>
115- <commons .compress.version>1.22</commons .compress.version>
115+ <commons .io.version>2.15.1</commons .io.version>
116+ <commons .compress.version>1.26.1</commons .compress.version>
117+ <bitbucket .jose4j.version>0.9.3</bitbucket .jose4j.version>
116118 <commons .lang3.version>3.12.0</commons .lang3.version>
117119 <commons-configuration2 .version>2.10.1</commons-configuration2 .version>
118120 <dropwizard .version>3.1.2</dropwizard .version>
213215 <artifactId >jul-to-slf4j</artifactId >
214216 <version >${slf4j.version} </version >
215217 </dependency >
218+ <dependency >
219+ <groupId >commons-io</groupId >
220+ <artifactId >commons-io</artifactId >
221+ <version >${commons.io.version} </version >
222+ </dependency >
223+ <dependency >
224+ <groupId >org.apache.commons</groupId >
225+ <artifactId >commons-compress</artifactId >
226+ <version >${commons.compress.version} </version >
227+ </dependency >
216228 <dependency >
217229 <groupId >io.cdap.common</groupId >
218230 <artifactId >common-cli</artifactId >
You can’t perform that action at this time.
0 commit comments