[xwiki-notifications] [xwiki/xwiki-platform] 00bc66: XWIKI-23646: Security vulnerability application im...

Branch: refs/heads/stable-17.4.x Home: https://github.com/xwiki/xwiki-platform Commit: 00bc6605d778170ab07f07ae61be8196a34f1dbf https://github.com/xwiki/xwiki-platform/commit/00bc6605d778170ab07f07ae61be… Author: Simon Urli <simon.urli(a)xwiki.com> Date: 2025-11-03 (Mon, 03 Nov 2025) Changed paths: M pom.xml M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-index/pom.xml M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-index/src/main/java/org/xwiki/extension/index/security/SecurityVulnerabilityDescriptor.java M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-api/src/main/java/org/xwiki/extension/security/internal/ExtensionSecuritySolrClient.java M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-api/src/main/java/org/xwiki/extension/security/internal/SolrToLiveDataEntryMapper.java M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-api/src/test/java/org/xwiki/extension/security/internal/ExtensionSecuritySolrClientTest.java M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/main/java/org/xwiki/extension/security/internal/analyzer/VulnerabilityIndexer.java M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/main/java/org/xwiki/extension/security/internal/analyzer/osv/OsvResponseAnalyzer.java M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/main/java/org/xwiki/extension/security/internal/analyzer/osv/model/response/VulnObject.java M xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/test/java/org/xwiki/extension/security/internal/analyzer/osv/OsvResponseAnalyzerTest.java A xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/test/resources/commons-fileupload-commons-fileupload-1.5.json A xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/test/resources/commons-httpclient-commons-httpclient-3.1.json A xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/test/resources/osvResponseCVSSV2.json A xwiki-platform-core/xwiki-platform-extension/xwiki-platform-extension-security/xwiki-platform-extension-security-index/src/test/resources/osvResponseMultipleSeverities.json Log Message: ----------- XWIKI-23646: Security vulnerability application improvments (#4722) * Allow computation of CVSS v4 * Only limit displays of vulnerabilities based on CVE ID and no longer on max severity * Support multiple severities and prioritize them --------- Co-authored-by: Manuel Leduc <manuel.leduc(a)xwiki.com> (cherry picked from commit c3b71baf829bb9c292d6e752f09cea45df6ae509) To unsubscribe from these emails, change your notification settings at https://github.com/xwiki/xwiki-platform/settings/notifications