Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update pom.xml #266

Merged
merged 17 commits into from
Dec 26, 2024
Merged

Update pom.xml #266

merged 17 commits into from
Dec 26, 2024

Conversation

miryamfoiferCX
Copy link
Contributor

No description provided.

@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 26, 2024
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailse3b6577a-1612-4feb-924d-862fa19a0997

New Issues

Severity Issue Source File / Package Checkmarx Insight
CRITICAL CVE-2016-1000027 Maven-org.springframework:spring-webmvc-5.3.39 Vulnerable Package
CRITICAL CVE-2016-1000027 Maven-org.springframework:spring-web-5.3.39 Vulnerable Package
CRITICAL Cxa9261daf-3755 Maven-org.bouncycastle:bcprov-jdk15on-1.64 Vulnerable Package
HIGH CVE-2022-34169 Maven-xalan:xalan-2.7.2 Vulnerable Package
HIGH CVE-2022-4065 Maven-org.testng:testng-6.14.3 Vulnerable Package
HIGH CVE-2023-2976 Maven-com.google.guava:guava-31.1-android Vulnerable Package
HIGH CVE-2024-38816 Maven-org.springframework:spring-webmvc-5.3.39 Vulnerable Package
HIGH CVE-2024-38819 Maven-org.springframework:spring-webmvc-5.3.39 Vulnerable Package
HIGH Cx78f40514-81ff Maven-commons-collections:commons-collections-3.2.2 Vulnerable Package
HIGH Cx8fd408ac-dd80 Maven-com.beust:jcommander-1.72 Vulnerable Package
MEDIUM CVE-2012-5783 Maven-commons-httpclient:commons-httpclient-3.1 Vulnerable Package
MEDIUM CVE-2012-6153 Maven-commons-httpclient:commons-httpclient-3.1 Vulnerable Package
MEDIUM CVE-2020-15522 Maven-org.bouncycastle:bcprov-jdk15on-1.64 Vulnerable Package
MEDIUM CVE-2020-1945 Maven-org.apache.ant:ant-1.10.3 Vulnerable Package
MEDIUM CVE-2021-36373 Maven-org.apache.ant:ant-1.10.3 Vulnerable Package
MEDIUM CVE-2021-36374 Maven-org.apache.ant:ant-1.10.3 Vulnerable Package
MEDIUM CVE-2023-33201 Maven-org.bouncycastle:bcprov-jdk15on-1.64 Vulnerable Package
MEDIUM CVE-2023-33201 Maven-org.bouncycastle:bcprov-jdk18on-1.72 Vulnerable Package
MEDIUM CVE-2023-33202 Maven-org.bouncycastle:bcprov-jdk15on-1.64 Vulnerable Package
MEDIUM CVE-2023-33202 Maven-org.bouncycastle:bcprov-jdk18on-1.72 Vulnerable Package
MEDIUM CVE-2024-29857 Maven-org.bouncycastle:bcprov-jdk15on-1.64 Vulnerable Package
MEDIUM CVE-2024-29857 Maven-org.bouncycastle:bcprov-jdk18on-1.72 Vulnerable Package
MEDIUM CVE-2024-30171 Maven-org.bouncycastle:bcprov-jdk18on-1.72 Vulnerable Package
MEDIUM CVE-2024-30171 Maven-org.bouncycastle:bcprov-jdk15on-1.64 Vulnerable Package
MEDIUM CVE-2024-30172 Maven-org.bouncycastle:bcprov-jdk18on-1.72 Vulnerable Package
MEDIUM CVE-2024-30172 Maven-org.bouncycastle:bcpkix-jdk18on-1.72 Vulnerable Package
MEDIUM CVE-2024-30172 Maven-org.bouncycastle:bcprov-jdk15on-1.64 Vulnerable Package
MEDIUM CVE-2024-38827 Maven-org.springframework.security:spring-security-crypto-5.8.15 Vulnerable Package
MEDIUM CVE-2024-38827 Maven-org.springframework.security:spring-security-core-5.8.15 Vulnerable Package
MEDIUM CVE-2024-38827 Maven-org.springframework.security:spring-security-web-5.8.15 Vulnerable Package
MEDIUM CVE-2024-38827 Maven-org.springframework.security:spring-security-config-5.8.15 Vulnerable Package
MEDIUM CVE-2024-38828 Maven-org.springframework:spring-webmvc-5.3.39 Vulnerable Package
MEDIUM CVE-2024-38829 Maven-org.springframework.ldap:spring-ldap-core-2.4.1 Vulnerable Package
LOW CVE-2020-8908 Maven-com.google.guava:guava-31.1-android Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-jdbc-5.3.39 Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-expression-5.3.39 Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-core-5.3.39 Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-web-5.3.39 Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-beans-5.3.39 Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-webmvc-5.3.39 Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-context-5.3.39 Vulnerable Package
LOW CVE-2024-38820 Maven-org.springframework:spring-context-support-5.3.39 Vulnerable Package

@miryamfoiferCX miryamfoiferCX marked this pull request as ready for review December 26, 2024 13:53
@greensd4 greensd4 merged commit 2859085 into main Dec 26, 2024
5 of 6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlvoBen AlvoBen Awaiting requested review from AlvoBen AlvoBen is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@miryamfoiferCX @greensd4