Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

RepositoryGroupImpact AnalysisAction
aaf/authz
AAF has removed all Security Issues of any kind from the AAF tool repo.


aaf/cadiorg.apache.shiro

False Positive

cadi-shiro Adapter is only for Shiro. The Adapter only is used within Shiro, and thus, the security question is about whether to use Shiro or not, which is not a CADI problem.

Not applicable

If ONAP Shiro Users move to Shiro 1.4.0, we might be able to update.

aaf/cadicommons.beanutils

False Positive

This lib is only used by Shiro, and inclusion of Shiro is the only reason it is flagged. Solution is the same. as org.apache.shiro

Not applicable

It doesn't look like upgrading to Shiro 1.4.0 will help this version of common-beanutils




  • No labels