Hi! We spot a vulnerable dependency in your project, which might threaten your software.
And we found that the vulnerable function of this CVE can be easily accessed from your software.
- CVE_ID: CVE-2021-29425
- Vulnerable dependency: commons-io:commons-io
- Your invocation path to the vulnerable method:
com.simpligility.maven.plugins.android.standalonemojos.ZipalignMojo:getFullPathWithName(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:getFullPath(java.lang.String)
⬇️
org.apache.commons.io.FilenameUtils:doGetFullPath(java.lang.String,boolean)
⬇️
org.apache.commons.io.FilenameUtils:getPrefixLength(java.lang.String)
Therefore, maybe you need to upgrade this dependency. Hope this can help you! 😄
Hi! We spot a vulnerable dependency in your project, which might threaten your software.
And we found that the vulnerable function of this CVE can be easily accessed from your software.
Therefore, maybe you need to upgrade this dependency. Hope this can help you! 😄