New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

CVE-2017-5402 - Vulnerability of non-maven product mapped to maven package #107

Open

cg122 opened this issue Jan 12, 2022 · 1 comment

cg122 commented Jan 12, 2022

According to the description, CVE-2017-5402 relates to:

This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8.

However, it mapped to pkg:maven/org.apache.tomcat/tomcat@9.0

CVE-2017-5402.json.gz

The text was updated successfully, but these errors were encountered:

Member

MagielBruntink commented Jan 15, 2022

Mapped to another Maven package now:
pkg:maven/com.kitfox.svg/svg-salamander@9.0, which does not exist with version 9.0 (but only 1.0).

CVE-2017-5402-2.json.gz

# for free to join this conversation on GitHub. Already have an account? # to comment