[JS-1977] Remove H2 Test Project from Repository due to 3rd-party vulnerability issue CVE-2022-23221 - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.13.12
Component/s: None
Labels:
None

CVE-ID:
CVE-2022-23221

Description

Current Situation

JobScheduler Master, Agent and JOC do not ship with a J2 JDBC Driver and are not affected by this vulnerability.
see https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221
Due to a remaining detached test project only, the repository's vulnerability guard warns about existing dependencies.

Desired Behavior

As JobScheduler Master, Agent and JOC do not ship with a H2 JDBC Driver any current references in the repository should be removed.

Attachments

Issue Links

is related to

JS-1967 Remove support for H2 due to 3rd-party vulnerability issue CVE-2021-23463

Released

Activity

People

Assignee:: Santiago Aucejo Petzoldt

Reporter:: Santiago Aucejo Petzoldt

Approver:: Oliver Haufe

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 28 January 2022 08:50

Updated:: 08 February 2022 17:36

Resolved:: 28 January 2022 09:21