Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency axios to ^0.21.0 (main) #137

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Update dependency axios to ^0.21.0

5333730
Select commit
Loading
Failed to load commit list.
Open

Update dependency axios to ^0.21.0 (main) #137

Update dependency axios to ^0.21.0
5333730
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed Apr 30, 2024 in 16m 50s

Security Report

❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: gradle,sbt. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

general

https://vonagecc.jfrog.io/artifactory

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

https://vonagecc.jfrog.io/artifactory/maven

Step Level Description Details
Checking registry connectivity ⚠Warn Unsupported configuration was provided Unsupported registry hostType gradle, skipped

gradle

/tmp/ws-scm/comms-router/test/demo-helper/play-helper/build.gradle

Step Level Description Details
Preparing the project for scan ⚠Warn One or more of the installations failed failed to run mend deps script:
NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED

FAILURE: Build failed with an exception.

* Where:
Build file '/tmp/ws-scm/comms-router/test/demo-helper/play-helper/build.gradle' line: 2

* What went wrong:
Plugin [id: 'play'] was not found in any of the follow...

npm

https://registry.npmjs.org

Step Level Description Details
Setting the scanner configuration ⚠Warn Failure to set private registries, due to an issue with the configuration provided by the user no "registry" field corresponding to this url was found in the .npmrc files

/tmp/ws-scm/comms-router/applications/gui/package.json

Step Level Description Details
Preparing the project for scan ⚠Warn One or more of the installations failed code ERESOLVE
ERESOLVE could not resolve

While resolving: [email protected]
Found: [email protected]
node_modules/webpack
dev webpack@"^2.2.1" from the root project
peer webpack@"1

You have successfully remediated 129 vulnerabilities, but introduced 130 new vulnerabilities in this branch.

❌ New vulnerabilities:

Partial results (35 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.


CVE Severity CVSS Score Exploit Maturity EPSS Vulnerable Library Suggested Fix Issue Reachability
CVE-2021-44228

Path to dependency file: /client/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/logging/log4j/log4j-core/2.8.2/log4j-core-2.8.2.jar,/home/wss-scanner/.m2/repository/org/apache/logging/log4j/log4j-core/2.8.2/log4j-core-2.8.2.jar,/home/wss-scanner/.m2/repository/org/apache/logging/log4j/log4j-core/2.8.2/log4j-core-2.8.2.jar,/home/wss-scanner/.m2/repository/org/apache/logging/log4j/log4j-core/2.8.2/log4j-core-2.8.2.jar,/home/wss-scanner/.m2/repository/org/apache/logging/log4j/log4j-core/2.8.2/log4j-core-2.8.2.jar

Dependency Hierarchy:

-> ❌ log4j-core-2.8.2.jar (Vulnerable Library)

Critical 10.0 High 97.6% log4j-core-2.8.2.jar Upgrade to version: org.apache.logging.log4j:log4j-core:2.3.1,2.12.2,2.15.0;org.ops4j.pax.logging:pax-logging-log4j2:1.11.10,2.0.11 None
CVE-2018-14721

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 10.0 Not Defined 1.2% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.7,2.8.11.3,2.7.9.5,2.6.7.3 None
CVE-2023-34478

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/shiro/shiro-core/1.4.0/shiro-core-1.4.0.jar

Dependency Hierarchy:

-> buji-pac4j-3.2.0.jar (Root Library)

   -> shiro-web-1.4.0.jar

     -> ❌ shiro-core-1.4.0.jar (Vulnerable Library)

Critical 9.8 High 0.1% shiro-core-1.4.0.jar Upgrade to version: org.apache.shiro:shiro-core:1.12.0 None
CVE-2022-40664

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/shiro/shiro-web/1.4.0/shiro-web-1.4.0.jar

Dependency Hierarchy:

-> buji-pac4j-3.2.0.jar (Root Library)

   -> ❌ shiro-web-1.4.0.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.1% shiro-web-1.4.0.jar Upgrade to version: org.apache.shiro:shiro-web:1.10.0;org.apache.shiro:shiro-all:1.10.0 None
CVE-2022-32532

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/shiro/shiro-core/1.4.0/shiro-core-1.4.0.jar

Dependency Hierarchy:

-> buji-pac4j-3.2.0.jar (Root Library)

   -> shiro-web-1.4.0.jar

     -> ❌ shiro-core-1.4.0.jar (Vulnerable Library)

Critical 9.8 Not Defined 5.5% shiro-core-1.4.0.jar Upgrade to version: org.apache.shiro:shiro-core:1.9.1 None
CVE-2022-1471

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.17/snakeyaml-1.17.jar,/home/wss-scanner/.m2/repository/org/yaml/snakeyaml/1.17/snakeyaml-1.17.jar

Dependency Hierarchy:

-> cfg4j-core-4.4.1.jar (Root Library)

   -> ❌ snakeyaml-1.17.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.8% snakeyaml-1.17.jar Upgrade to version: org.yaml:snakeyaml:2.0 None
CVE-2021-41303

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/shiro/shiro-core/1.4.0/shiro-core-1.4.0.jar

Dependency Hierarchy:

-> buji-pac4j-3.2.0.jar (Root Library)

   -> shiro-web-1.4.0.jar

     -> ❌ shiro-core-1.4.0.jar (Vulnerable Library)

Critical 9.8 Not Defined 26.9% shiro-core-1.4.0.jar Upgrade to version: org.apache.shiro:shiro-core:1.8.0 None
CVE-2020-9548

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.4% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.7.9.7,2.8.11.6,2.9.10.4 None
CVE-2020-9547

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.70000005% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.3 None
CVE-2020-9546

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.70000005% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.3 None
CVE-2020-8840

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 2.2% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.3 None
CVE-2020-1957

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/shiro/shiro-web/1.4.0/shiro-web-1.4.0.jar

Dependency Hierarchy:

-> buji-pac4j-3.2.0.jar (Root Library)

   -> ❌ shiro-web-1.4.0.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.70000005% shiro-web-1.4.0.jar Upgrade to version: org.apache.shiro:shiro-web:1.5.2 None
CVE-2020-17510

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/shiro/shiro-web/1.4.0/shiro-web-1.4.0.jar

Dependency Hierarchy:

-> buji-pac4j-3.2.0.jar (Root Library)

   -> ❌ shiro-web-1.4.0.jar (Vulnerable Library)

Critical 9.8 Not Defined 2.3% shiro-web-1.4.0.jar Upgrade to version: org.apache.shiro:shiro-web:1.7.0 None
CVE-2020-11989

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/org/apache/shiro/shiro-web/1.4.0/shiro-web-1.4.0.jar

Dependency Hierarchy:

-> buji-pac4j-3.2.0.jar (Root Library)

   -> ❌ shiro-web-1.4.0.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.0% shiro-web-1.4.0.jar Upgrade to version: org.apache.shiro:shiro-web:1.5.3,org.apache.shiro:shiro-all:1.5.3 None
CVE-2020-10683

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar,/home/wss-scanner/.m2/repository/dom4j/dom4j/1.6.1/dom4j-1.6.1.jar

Dependency Hierarchy:

-> comms-router-core-0.10.2-SNAPSHOT.jar (Root Library)

   -> comms-router-common-0.10.2-SNAPSHOT.jar

     -> common-db-0.10.2-SNAPSHOT.jar

       -> hibernate-core-5.2.11.Final.jar

         -> ❌ dom4j-1.6.1.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.70000005% dom4j-1.6.1.jar Upgrade to version: org.dom4j:dom4j:2.1.3,org.dom4j:dom4j:2.0.3 None
CVE-2019-20330

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.6% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.7.9.7,2.8.11.5,2.9.10.2 None
CVE-2019-17531

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.70000005% jackson-databind-2.8.4.jar Upgrade to version: 2.10 None
CVE-2019-17267

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.2% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.8.11.5,2.9.10 None
CVE-2019-17195

Path to dependency file: /web/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/nimbusds/nimbus-jose-jwt/4.41.2/nimbus-jose-jwt-4.41.2.jar

Dependency Hierarchy:

-> pac4j-jwt-2.3.1.jar (Root Library)

   -> ❌ nimbus-jose-jwt-4.41.2.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.2% nimbus-jose-jwt-4.41.2.jar Upgrade to version: com.nimbusds:nimbus-jose-jwt:7.9 None
CVE-2019-16943

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.4% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.6.7.3,2.7.9.7,2.8.11.5,2.9.10.1 None
CVE-2019-16942

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.4% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.6.7.3,2.7.9.7,2.8.11.5,2.9.10.1 None
CVE-2019-16335

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.3% jackson-databind-2.8.4.jar Upgrade to version: 2.9.10 None
CVE-2019-14893

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 2.5% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.0 None
CVE-2019-14892

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.4% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.6.7.3,2.7.9.7,2.8.11.5,2.9.10 None
CVE-2019-14540

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.4% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.8.11.5,2.9.10,2.10.0.pr3,2.11.0.rc1 None
CVE-2019-14379

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.6% jackson-databind-2.8.4.jar Upgrade to version: 2.9.9.2 None
CVE-2019-10202

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.5% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.0.0 None
CVE-2018-7489

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 93.9% jackson-databind-2.8.4.jar Upgrade to version: 2.8.11.1,2.9.5 None
CVE-2018-19362

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.9% jackson-databind-2.8.4.jar Upgrade to version: 2.9.8 None
CVE-2018-19361

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.9% jackson-databind-2.8.4.jar Upgrade to version: 2.9.8 None
CVE-2018-19360

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 0.9% jackson-databind-2.8.4.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.7.9.5,2.8.11.3,2.9.8,2.10.0.pr1 None
CVE-2018-14720

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.0% jackson-databind-2.8.4.jar Upgrade to version: 2.9.7 None
CVE-2018-14719

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.2% jackson-databind-2.8.4.jar Upgrade to version: 2.9.7 None
CVE-2018-14718

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 4.5% jackson-databind-2.8.4.jar Upgrade to version: 2.9.7 None
CVE-2018-11307

Path to dependency file: /applications/demo/pom.xml

Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar,/home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.8.4/jackson-databind-2.8.4.jar

Dependency Hierarchy:

-> ❌ jackson-databind-2.8.4.jar (Vulnerable Library)

Critical 9.8 Not Defined 1.1% jackson-databind-2.8.4.jar Upgrade to version: jackson-databind-2.9.6 None

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2023-26049 jetty-http-9.4.5.v20170502.jar
CVE-2016-10735 bootstrap-3.3.4.min.js
CVE-2020-36188 jackson-databind-2.8.11.jar
CVE-2022-2047 jetty-client-9.4.5.v20170502.jar
CVE-2018-16115 akka-actor_2.12-2.5.8.jar
CVE-2020-35491 jackson-databind-2.8.11.jar
CVE-2020-36183 jackson-databind-2.8.11.jar
CVE-2019-12814 jackson-databind-2.8.11.jar
CVE-2018-5968 jackson-databind-2.8.11.jar
CVE-2020-10650 jackson-databind-2.8.11.jar
CVE-2023-6378 logback-classic-1.2.3.jar
CVE-2018-14719 jackson-databind-2.8.11.jar
CVE-2021-42550 logback-classic-1.2.3.jar
CVE-2012-0881 xercesImpl-2.11.0.jar
CVE-2020-26883 play-java_2.12-2.6.11.jar
CVE-2021-42550 logback-core-1.2.3.jar
CVE-2019-14439 jackson-databind-2.8.11.jar
CVE-2018-20677 bootstrap-3.3.4.min.js
CVE-2021-28165 jetty-io-9.4.5.v20170502.jar
CVE-2018-14718 jackson-databind-2.8.11.jar
CVE-2020-9546 jackson-databind-2.8.11.jar
CVE-2020-36187 jackson-databind-2.8.11.jar
CVE-2021-20190 jackson-databind-2.8.11.jar
CVE-2023-6481 logback-core-1.2.3.jar
CVE-2021-3749 axios-0.15.3.tgz
CVE-2018-1000873 jackson-datatype-jsr310-2.8.11.jar
CVE-2022-22970 spring-core-4.3.11.RELEASE.jar
CVE-2020-26882 play_2.12-2.6.11.jar
CVE-2018-12023 jackson-databind-2.8.11.jar
CVE-2023-26119 htmlunit-2.27.jar
CVE-2017-7657 jetty-http-9.4.5.v20170502.jar
CVE-2020-14338 xercesImpl-2.11.0.jar
CVE-2020-36179 jackson-databind-2.8.11.jar
CVE-2020-36518 jackson-databind-2.8.11.jar
CVE-2019-14893 jackson-databind-2.8.11.jar
CVE-2021-22096 spring-core-4.3.11.RELEASE.jar
CVE-2019-10202 jackson-databind-2.8.11.jar
CVE-2023-2798 htmlunit-2.27.jar
CVE-2020-11620 jackson-databind-2.8.11.jar
CVE-2018-1272 spring-core-4.3.11.RELEASE.jar
CVE-2018-12536 jetty-util-9.4.5.v20170502.jar
CVE-2020-26883 play_2.12-2.6.11.jar
CVE-2022-29546 neko-htmlunit-2.27.jar
CVE-2019-17598 play-ws_2.12-2.6.5.jar
CVE-2022-22970 spring-beans-4.3.11.RELEASE.jar
CVE-2019-17531 jackson-databind-2.8.11.jar
CVE-2020-10672 jackson-databind-2.8.11.jar
CVE-2018-11307 jackson-databind-2.8.11.jar
CVE-2020-24750 jackson-databind-2.8.11.jar
CVE-2020-36186 jackson-databind-2.8.11.jar
CVE-2013-4002 xercesImpl-2.11.0.jar
CVE-2019-16335 jackson-databind-2.8.11.jar
CVE-2019-8331 bootstrap-3.3.4.min.js
CVE-2020-10673 jackson-databind-2.8.11.jar
CVE-2018-12022 jackson-databind-2.8.11.jar
CVE-2020-14062 jackson-databind-2.8.11.jar
CVE-2018-1199 spring-core-4.3.11.RELEASE.jar
CVE-2020-28168 axios-0.15.3.tgz
CVE-2020-5529 htmlunit-2.27.jar
CVE-2019-14892 jackson-databind-2.8.11.jar
CVE-2023-36478 jetty-http-9.4.5.v20170502.jar
CVE-2022-0155 follow-redirects-1.0.0.tgz
CVE-2020-36180 jackson-databind-2.8.11.jar
CVE-2023-2976 guava-23.0.jar
CVE-2021-23339 akka-http-core_2.12-10.0.11.jar
CVE-2020-10969 jackson-databind-2.8.11.jar
CVE-2020-9547 jackson-databind-2.8.11.jar
CVE-2018-14721 jackson-databind-2.8.11.jar
CVE-2018-19362 jackson-databind-2.8.11.jar
CVE-2020-11112 jackson-databind-2.8.11.jar
CVE-2022-22965 spring-beans-4.3.11.RELEASE.jar
CVE-2019-10742 axios-0.15.3.tgz
CVE-2020-15250 junit-4.12.jar
CVE-2020-9548 jackson-databind-2.8.11.jar
CVE-2020-10968 jackson-databind-2.8.11.jar
CVE-2020-14060 jackson-databind-2.8.11.jar
CVE-2020-11619 jackson-databind-2.8.11.jar
CVE-2020-36185 jackson-databind-2.8.11.jar
CVE-2023-45857 axios-0.15.3.tgz
CVE-2019-16942 jackson-databind-2.8.11.jar
CVE-2022-22968 spring-context-4.3.11.RELEASE.jar
CVE-2021-28169 jetty-http-9.4.5.v20170502.jar
CVE-2023-2976 guava-22.0.jar
CVE-2018-10237 guava-23.0.jar
CVE-2022-42003 jackson-databind-2.8.11.jar
CVE-2020-36181 jackson-databind-2.8.11.jar
CVE-2018-19361 jackson-databind-2.8.11.jar
CVE-2017-7658 jetty-http-9.4.5.v20170502.jar
CVE-2020-8908 guava-22.0.jar
CVE-2022-23437 xercesImpl-2.11.0.jar
CVE-2021-22060 spring-core-4.3.11.RELEASE.jar
CVE-2020-14061 jackson-databind-2.8.11.jar
CVE-2020-11111 jackson-databind-2.8.11.jar
CVE-2020-36184 jackson-databind-2.8.11.jar
CVE-2019-12086 jackson-databind-2.8.11.jar
CVE-2020-8840 jackson-databind-2.8.11.jar
CVE-2020-35490 jackson-databind-2.8.11.jar
CVE-2019-16943 jackson-databind-2.8.11.jar
CVE-2023-40167 jetty-http-9.4.5.v20170502.jar
CVE-2018-20676 bootstrap-3.3.4.min.js
CVE-2023-26159 follow-redirects-1.0.0.tgz
CVE-2022-0536 follow-redirects-1.0.0.tgz
CVE-2020-35728 jackson-databind-2.8.11.jar
CVE-2019-20330 jackson-databind-2.8.11.jar
CVE-2020-8908 guava-23.0.jar
CVE-2020-14195 jackson-databind-2.8.11.jar
CVE-2020-24616 jackson-databind-2.8.11.jar
CVE-2018-14720 jackson-databind-2.8.11.jar
CVE-2020-11113 jackson-databind-2.8.11.jar
CVE-2020-26882 play-java_2.12-2.6.11.jar
CVE-2019-14379 jackson-databind-2.8.11.jar
CVE-2020-36189 jackson-databind-2.8.11.jar
CVE-2022-31023 play_2.12-2.6.11.jar
CVE-2020-36182 jackson-databind-2.8.11.jar
CVE-2018-10237 guava-22.0.jar
CVE-2018-19360 jackson-databind-2.8.11.jar
CVE-2020-27196 play-java-forms_2.12-2.6.11.jar
CVE-2019-14540 jackson-databind-2.8.11.jar
CVE-2019-12384 jackson-databind-2.8.11.jar
CVE-2024-31033 jjwt-0.7.0.jar
CVE-2019-17267 jackson-databind-2.8.11.jar
CVE-2022-2047 jetty-http-9.4.5.v20170502.jar
CVE-2022-42004 jackson-databind-2.8.11.jar
CVE-2018-14042 bootstrap-3.3.4.min.js
WS-2021-0419 gson-2.8.0.jar
CVE-2024-28849 follow-redirects-1.0.0.tgz
CVE-2022-25647 gson-2.8.0.jar
WS-2014-0065 jna-platform-4.1.0.jar
CVE-2019-10241 jetty-util-9.4.5.v20170502.jar

Base branch total remaining vulnerabilities: 155
Base branch commit: null


Total libraries scanned: 246

Scan token: 50c3035db0364cf0bd198b380694cdbb

View more details on Mend for GitHub.com