Skip to content

[Snyk] Fix for 29 vulnerabilities #53

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Fix for 29 vulnerabilities #53

wants to merge 1 commit into from

Conversation

SamShoberWork
Copy link
Contributor

snyk-top-banner

Snyk has created this PR to fix 29 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

  • pom.xml

Vulnerabilities that will be fixed with an upgrade:

Issue Score Upgrade
high severity Arbitrary File Upload
SNYK-JAVA-IOUNDERTOW-567770		   801   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
Mature
high severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JAVA-IOUNDERTOW-7300153		   756   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
Proof of Concept
critical severity Information Exposure
SNYK-JAVA-IOUNDERTOW-451626		   704   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-ORGJSON-2841369		   696   org.json:json:
20131018 -> 20231013
Major version upgrade Proof of Concept
high severity Denial of Service (DoS)
SNYK-JAVA-ORGJSON-5488379		   696   org.json:json:
20131018 -> 20231013
Major version upgrade Proof of Concept
high severity Allocation of Resources Without Limits or Throttling
SNYK-JAVA-ORGJSON-5962464		   696   org.json:json:
20131018 -> 20231013
Major version upgrade Proof of Concept
critical severity HTTP Request Smuggling
SNYK-JAVA-IOUNDERTOW-8383402		   669   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity HTTP Request Smuggling
SNYK-JAVA-IOUNDERTOW-1012559		   655   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Uncontrolled Resource Consumption
SNYK-JAVA-IOUNDERTOW-7300152		   649   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Uncontrolled Recursion
SNYK-JAVA-IOUNDERTOW-7433720		   649   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-7984545		   649   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity HTTP Request Smuggling
SNYK-JAVA-IOUNDERTOW-570455		   605   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-2391283		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-3012383		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-3106930		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Improper Certificate Validation
SNYK-JAVA-IOUNDERTOW-3339519		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-568918		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Improper Input Validation
SNYK-JAVA-IOUNDERTOW-6567186		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Allocation of Resources Without Limits or Throttling
SNYK-JAVA-IOUNDERTOW-6669948		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
high severity Uncontrolled Resource Consumption
SNYK-JAVA-ORGJBOSSXNIO-6403375		   589   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Race Condition
SNYK-JAVA-IOUNDERTOW-7707751		   559   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-1304915		   509   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Information Exposure
SNYK-JAVA-IOUNDERTOW-174583		   479   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-2847922		   479   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-2871356		   479   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JAVA-IOUNDERTOW-3358786		   479   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Directory Traversal
SNYK-JAVA-IOUNDERTOW-7361775		   479   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
medium severity Information Exposure
SNYK-JAVA-IOUNDERTOW-471684		   454   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit
low severity Memory Leak
SNYK-JAVA-IOUNDERTOW-7433721		   329   io.undertow:undertow-core:
2.0.9.Final -> 2.2.37.Final
No Known Exploit

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)
🦉 Arbitrary File Upload
🦉 Improper Input Validation
🦉 More lessons are available in Snyk Learn

@snyk-bot
fix: pom.xml to reduce vulnerabilities
84928b7 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-567770
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-7300153
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-451626
- https://snyk.io/vuln/SNYK-JAVA-ORGJSON-2841369
- https://snyk.io/vuln/SNYK-JAVA-ORGJSON-5488379
- https://snyk.io/vuln/SNYK-JAVA-ORGJSON-5962464
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-8383402
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-1012559
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-7300152
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-7433720
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-7984545
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-570455
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-2391283
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-3012383
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-3106930
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-3339519
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-568918
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-6567186
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-6669948
- https://snyk.io/vuln/SNYK-JAVA-ORGJBOSSXNIO-6403375
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-7707751
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-1304915
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-174583
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-2847922
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-2871356
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-3358786
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-7361775
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-471684
- https://snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-7433721
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@SamShoberWork @snyk-bot