Open CVEs found using sbt dependencyCheck and yarn audit

## Description

This issue is created from v1.5.0 release feedback provided by Steve Lawrence.

usage [MINOR] no open CVEs found using sbt dependencyCheck and yarn audit
     - MEDIUM finding for java commons-io 2.10.0 (CVE-2024-47554)
     - HIGH finding for java logback-core/classic 1.2.11 (CVE-2023-6378)
     - other jar dependencies seem to be false positives
     - LOW finding for npm cookie

## Steps to Reproduce

sbt dependencyCheck and yarn audit

## Expected Behavior

should not have any medium or high vulnerability exists.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Open CVEs found using sbt dependencyCheck and yarn audit #1561

Description

Steps to Reproduce

Expected Behavior

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Open CVEs found using sbt dependencyCheck and yarn audit #1561

Description

Description

Steps to Reproduce

Expected Behavior

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions