WireMock

image.png

Hello !
there is vulnerability CVE-2018-9116 detected by sonatype nexus iq
Version is 4.0.0-beta.15
could you please help ? thanks

I am a little surprised why this has come up.  When you look at the details of the CVE you see it was for a very old version of WireMock - `Products affected by CVE-2018-9116 - Versions before (&lt;) 2.16.0`

Also, the class referenced in your screenshot (`MatchesXPathPattern`) hasn't been updated  since 2023 (other than a comment update) - <https://github.com/wiremock/wiremock/commits/master/wiremock-common/src/main/java/com/github/tomakehurst/wiremock/matching/MatchesXPathPattern.java>

It is a little puzzling as to why this is coming up now