2 vulnerabilities found in dependency. #72
Description
My IDE says that deepl dependency have transitive dependencies with known vulnerabilities.
<dependency>
<groupId>com.deepl.api</groupId>
<artifactId>deepl-java</artifactId>
<version>1.10.2</version>
</dependency>
2 vulnerabilities found in dependency:
WS-2017-3734 5.3 Transitive Files or Directories Accessible to External Parties
CVE-2020-13956 5.3 Transitive Cross-Site Scripting (XSS)
Dependency maven:org.apache.httpcomponents:httpclient:4.5.2 is vulnerable.
Released Feb 21, 2016. Latest version is 4.5.14 has no known vulnerabilities.
Dependency maven:org.apache.commons:commons-lang3:3.16.0 is vulnerable.
Released Aug 07, 2024. Latest version is 3.18.0 has no known vulnerabilities.
Please, fix these asap.
Thanks.