Comments (1)
If you look at pom.xml
you'll see that the CVEs you mention apply to libraries that are not required to use the library itself. One of the CVEs applies to JUnit which is used when running unit tests, the other is used when running the demos. Neither of them need to be on the runtime class path. If, in using the library, you want to use logback, you could use any later version, since Tnm4j integrates logging through slf4j rather than using logback directly.
That said, neither of these vulnerabilities is particularly difficult to fix (just version bumps to later versions). I just updated master to use a later version of the parent POM which should version bump those dependencies to versions that aren't vulnerable to those CVEs.
from tnm4j.
Related Issues (20)
- OID to name resolution should find best match
- asyncwalk keeps retrying on TimeoutException HOT 2
- SNMP4J Provider support for SNMP V1 HOT 3
- Can't install with Maven HOT 4
- SNMPContext won't close. HOT 3
- SecurityProtocols.getInstance().addAuthenticationProtocol(new AuthSHA());
- SHA-256 AuthType support for SnmpV3 HOT 2
- Commercial license for tnm4j lib HOT 3
- Is this project still under development ? HOT 1
- Update Depedencies HOT 3
- Unable to set authNoPriv security level HOT 2
- Utilize the repo to load Custom MIB file HOT 3
- java.lang.nosuchmethoderror While using in Apache NiFi HOT 9
- SnmpV3 HOT 13
- Update dependencies HOT 1
- Dependencies wont download. HOT 2
- pom.xml repository offline HOT 3
- Back to Apache License HOT 6
- SNMP Listener can not read trap from OIDs that are entries in a table HOT 23
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tnm4j.