How does the Conductor OSS team handle CVE identification and remediation? #522

atuldhiman · 2025-06-09T08:51:55Z

atuldhiman
Jun 9, 2025

Hi team,

I’m interested in understanding the security practices followed in this repository.

1. How does the Conductor OSS team identify vulnerabilities such as CVEs?

2. Are there any specific tools or automated scanners used as part of this process?

3. What is the standard procedure followed when a CVE is discovered in this project?

The spring boot version used is v3.3.5 and there are 2 CVEs associated with it.
https://mvnrepository.com/artifact/org.springframework.boot/spring-boot/3.3.5

Appreciate any insights you can share. Thank you!

v1r3n · 2025-06-26T06:38:41Z

v1r3n
Jun 26, 2025
Maintainer

Hi @atuldhiman we monitor CVEs and address them regularly.

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Conductor OSS

How does the Conductor OSS team handle CVE identification and remediation? #522

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Conductor OSS

How does the Conductor OSS team handle CVE identification and remediation? #522

Uh oh!

Uh oh!

atuldhiman Jun 9, 2025

Replies: 1 comment

Uh oh!

v1r3n Jun 26, 2025 Maintainer

atuldhiman
Jun 9, 2025

v1r3n
Jun 26, 2025
Maintainer