Update dependency org.projectlombok:lombok to v1.18.34 #351
+1
−1
Mend Bolt for GitHub / WhiteSource Security Check
failed
Jun 28, 2024 in 4m 8s
Security Report
1 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
CVE | Severity | Vulnerable Library | Suggested Fix | Issue | |
---|---|---|---|---|---|
CVE-2024-23672Dependency Hierarchy: -> webdocs-actuator-0.1.0-SNAPSHOT.jar (Root Library) -> webdocs-commons-0.1.0-SNAPSHOT.jar -> spring-boot-starter-web-2.7.5.jar -> spring-boot-starter-tomcat-2.7.5.jar -> ❌ tomcat-embed-websocket-9.0.68.jar (Vulnerable Library) |
7.5 | tomcat-embed-websocket-9.0.68.jar | Upgrade to version: org.apache.tomcat:tomcat-websocket:8.5.99,9.0.86,10.1.19,11.0.0-M17 ,org.apache.tomcat.embed:tomcat-embed-websocket:8.5.99,9.0.86,10.1.19,11.0.0-M17 | None |
Base branch total remaining vulnerabilities: 68
Base branch commit: c7ec20e7636517fb8d076d86cdac3414ca4c5842
Total libraries scanned: 342
Scan token: 430eb159f2284df892f328949f5c736d
Loading