Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[AUTO] Increment version to 2.17.2-SNAPSHOT #34

Merged
merged 1 commit into from
Oct 10, 2024

Increment version to 2.17.2-SNAPSHOT

6a575b8
Select commit
Loading
Failed to load commit list.
Merged

[AUTO] Increment version to 2.17.2-SNAPSHOT #34

Increment version to 2.17.2-SNAPSHOT
6a575b8
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Oct 3, 2024 in 6m 46s

Security Report

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-7254

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jar

Dependency Hierarchy:

-> opensearch-2.17.2-SNAPSHOT.jar (Root Library)

   -> ❌ protobuf-java-3.22.3.jar (Vulnerable Library)

High 7.5 protobuf-java-3.22.3.jar Upgrade to version: com.google.protobuf:protobuf-javalite - 3.25.5,4.28.2,4.27.5;com.google.protobuf:protobuf-java - 4.27.5,3.25.5,4.28.2 None

Base branch total remaining vulnerabilities: 0
Base branch commit: 0a981e9ab250f6aa31c0b66e8c2565d9e5acb371


Total libraries scanned: 111

Scan token: 3d7030651ebe4311bdc8d6161f26843d

View more details on Mend for GitHub.com