Fix vulnerability CVE-2022-46337
sanchayata-jain-cko opened this issue · comments
sanchayata-jain-cko commented
Docker image is affected by a Fixable GHSA-rcjc-c4pj-xxrp in library 'org.apache.derby:derby' (version 10.16.1.1), resolved by version 10.17.1.0
Juan Cruz commented
Any update here?
Barry Attwater commented
Please see the release notes for Flyway 10.7.1 and details added to the Derby support page.
Unfortunately since Flyway cannot currently upgrade to support Java 21 and Derby have not released a fix for their versions which support Java 17, we have had to remove the Derby driver and leave it to the user to make their decision on how to approach this.