Akashgill3 commented on PR #58: URL: https://github.com/apache/maven-reporting-impl/pull/58#issuecomment-2517845639
Please merge this PR, it addresses the security vulnerability CVE-2024-36124 by upgrading Plexus-archiver to version 4.10.0 in Maven-Archiver. While not a major threat, the update eliminates using Snappy, the source of the identified security risk. Merging this change will help mitigate the potential vulnerability. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
