Hello! we found a vulnerable dependency in your project.

Hi! We spot a vulnerable dependency in your project, which might threaten your software. 
And we found that the vulnerable function of this CVE can be easily accessed from your software.
+ CVE_ID: **CVE-2021-29425**
+ Vulnerable dependency: **commons-io:commons-io**
+ Your invocation path to the vulnerable method:
```java
com.simpligility.maven.plugins.android.standalonemojos.ZipalignMojo:getFullPathWithName(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:getFullPath(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:doGetFullPath(java.lang.String,boolean)
⬇️
org.apache.commons.io.FilenameUtils:getPrefixLength(java.lang.String)
```

Therefore, maybe you need to upgrade this dependency. Hope this can help you! 😄



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Hello! we found a vulnerable dependency in your project. #809

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Hello! we found a vulnerable dependency in your project. #809

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions