Potential vulnerability in dependencies jars

Hi,

Potential vulnerability in dependencies jars

 Node-Liquibase Version
4.4.0


1. postgresql-42.2.8.jar is vulnerable as per this CVE.

path: liquibase\dist\drivers

CVE-2022-21724
https://github.com/advisories/GHSA-v7wg-cpwc-24m4

2. h2-1.4.200.jar is vulnerable as per the below CVE.

path:-liquibase\dist\liquibase\lib

[CVE-2022-23221](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23221)
[CVE-2021-42392](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42392)
[CVE-2021-23463](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23463)

can you please update the dependencies jar with a fix?

Thanks,
Rajdeep Bhuva







Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Potential vulnerability in dependencies jars #52

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Potential vulnerability in dependencies jars #52

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions