CVSS vulnerability detected - can you up-level the offending lib?

Security scans identified an vuln that prevents me from using your cool tool in my org:  
Type:               VULNERABILITY
          Name:               SNYK-JAVA-ORGAPACHEMAVENSHARED-570592
          CVSS Score v3:      9.8
          Severity:           severe
          Description Link:   https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEMAVENSHARED-570592

It's in the org.apache.maven.shared:maven-shared-utils:3.2.1:jar dependency, near as I can tell.

Any chance you can up-level that to a version that doesn't have the vulnerability?

Based on the reporting site, that should be version 3.3.3

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

CVSS vulnerability detected - can you up-level the offending lib? #326

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Uh oh!

CVSS vulnerability detected - can you up-level the offending lib? #326

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions