Skip to main content

Fix example direct vulnerability for Ant

When your configuration file specifically references a library, or you add the library to your project as a JAR file, Veracode SCA refers to the library as a direct dependency.

These example steps provide a fix for an Unauthorized Modification of Nodes vulnerability in Apache Kafka, version in the example-java-ant repository.

To complete this task:

  1. Delete the kafka_2.11- in the libsrc/ directory.

    The libsrc/ directory is the location where you store the JAR files for your project.

  2. From the issue details page, click the link to the appropriate version of the Apache Kafka library in Maven Central.

  3. Within that page, select the download link for the Apache Kafka JAR file.

  4. Download the JAR file to the libsrc/ directory.

  5. Validate the fix.