Skip to content

Maven release version 3.3.1 contains org.apache.sshd:sshd-common:2.7.0 with CVE 2022-45047 #1458

Open
Open
Maven release version 3.3.1 contains org.apache.sshd:sshd-common:2.7.0 with CVE 2022-45047#1458
Labels
enhancementNew feature or request
@Houbein

Description

@Houbein
Houbein
opened on Feb 2, 2026

New feature, improvement proposal

I want to use the release plugin (latest 3.3.1), but when I try our company CVE scanner goes off on a critical CVE in one of it's transitive dependencies and blocks it.
org.apache.sshd:sshd-common:2.7.0
CVE 2022-45047
Can this dependency chain be updated?

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions