Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 6.5
SNYK-JAVA-COMGOOGLECODEGSON-1730327
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Proof of Concept exploit, Has a fix available, CVSS 3.3
SNYK-JAVA-COMGOOGLEGUAVA-1015415
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-COMGOOGLEGUAVA-32236
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 8.7
SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 7.4
SNYK-JAVA-COMGOOGLEOAUTHCLIENT-575276
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-COMGOOGLEPROTOBUF-2331703
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 5.7
SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1
SNYK-JAVA-COMH2DATABASE-1769238
org.orbisgis:h2gis:
1.4.0 -> 2.0.0
Why? Proof of Concept exploit, Has a fix available, CVSS 8.1
SNYK-JAVA-COMH2DATABASE-2331071
org.orbisgis:h2gis:
1.4.0 -> 2.0.0
Why? Proof of Concept exploit, Has a fix available, CVSS 9.8
SNYK-JAVA-COMH2DATABASE-2348247
org.orbisgis:h2gis:
1.4.0 -> 2.0.0
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-IOGRPC-571957
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 6.5
SNYK-JAVA-IONETTY-1020439
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 6.2
SNYK-JAVA-IONETTY-1070799
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 6.2
SNYK-JAVA-IONETTY-1082234
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 6.2
SNYK-JAVA-IONETTY-1082235
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 6.2
SNYK-JAVA-IONETTY-1082236
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Mature exploit, Has a fix available, CVSS 5.9
SNYK-JAVA-IONETTY-1317097
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-IONETTY-1584063
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-IONETTY-1584064
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 6.5
SNYK-JAVA-IONETTY-2314893
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 5.5
SNYK-JAVA-IONETTY-2812456
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-1048058
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JAVA-ORGJSON-2841369
com.google.firebase:firebase-admin:
6.5.0 -> 9.1.1
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:![](https://camo.githubusercontent.com/1225d8f40c177b1f260251e66650ffdf8b9e52f52191eab27ba96f698c2f2d68/68747470733a2f2f6170692e7365676d656e742e696f2f76312f706978656c2f747261636b3f646174613d65794a33636d6c305a55746c65534936496e4a79576d785a634564485932527954485a7362306c596430645563566734576b4652546e4e434f5545774969776959573576626e6c746233567a535751694f694932595463305932526a4d6930794f444a6b4c54526a4e6a63744f544d794d79316c4d6a6c6c5a6a426d4e445979593245694c434a6c646d567564434936496c425349485a705a58646c5a434973496e42796233426c636e52705a584d694f6e736963484a4a5a434936496a5a684e7a526a5a474d794c5449344d6d51744e474d324e7930354d7a497a4c5755794f57566d4d4759304e6a4a6a59534a3966513d3d)
馃 View latest project report
馃洜 Adjust project settings
馃摎 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
馃 Deserialization of Untrusted Data
馃 Denial of Service (DoS)
馃 XML External Entity (XXE) Injection
馃 More lessons are available in Snyk Learn