Hello
with
./gradlew dependencyCheckAnalyze
i found
org.eclipse.paho.client.mqttv3-1.2.5.jar (pkg:maven/org.eclipse.paho/org.eclipse.paho.client.mqttv3@1.2.5, cpe:2.3:a:eclipse:paho_java_client:1.2.5:*:*:*:*:*:*:*, cpe:2.3:a:eclipse:paho_mqtt:1.2.5:*:*:*:*:*:*:*) : CVE-2025-10543
I think it's a false positive, since the CVE doesn't mention Java. What do you think?
Regards
cyberrranger
Hello
with
./gradlew dependencyCheckAnalyze
i found
org.eclipse.paho.client.mqttv3-1.2.5.jar (pkg:maven/org.eclipse.paho/org.eclipse.paho.client.mqttv3@1.2.5, cpe:2.3:a:eclipse:paho_java_client:1.2.5:*:*:*:*:*:*:*, cpe:2.3:a:eclipse:paho_mqtt:1.2.5:*:*:*:*:*:*:*) : CVE-2025-10543I think it's a false positive, since the CVE doesn't mention Java. What do you think?
Regards
cyberrranger