Bump jline version to 3.26.2 #12956

Merged
merged 2 commits into from
Jul 17, 2024

@HTHou HTHou commented Jul 17, 2024

Description

Dependency maven:org.jline:jline:3.23.0 is vulnerable

Upgrade to 3.26.2

CVE-2023-50572, Score: 5.5

An issue in the component "GroovyEngine.execute" of jline-groovy versions through 3.24.1 allows attackers to cause an OOM (OutofMemory) error.

Read More: https://devhub.checkmarx.com/cve-details/CVE-2023-50572?utm_source=jetbrains&utm_medium=referral

HTHou changed the title from "Bump jline version to 3.25.0" to "Bump jline version to 3.26.2" on Jul 17, 2024

codecov bot commented Jul 17, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 41.67%. Comparing base (b2c42b7) to head (d9c2c43).

@@             Coverage Diff              @@
##             master   #12956      +/-   ##
============================================
- Coverage     41.67%   41.67%   -0.01%     
  Complexity       71       71              
============================================
  Files          3325     3325              
  Lines        210647   210647              
  Branches      25047    25047              
============================================
- Hits          87794    87784      -10     
- Misses       122853   122863      +10     


@HTHou HTHou merged commit d70b5b9 into master Jul 17, 2024
41 checks passed
@HTHou HTHou deleted the HTHou-patch-1 branch July 17, 2024 11:23
JackieTien97 pushed a commit that referenced this pull request Jul 22, 2024
Dependency maven:org.jline:jline:3.23.0 is vulnerable

Upgrade to 3.26.2

CVE-2023-50572, Score: 5.5

An issue in the component "GroovyEngine.execute" of jline-groovy versions through 3.24.1 allows attackers to cause an OOM (OutofMemory) error.

Read More: https://devhub.checkmarx.com/cve-details/CVE-2023-50572?utm_source=jetbrains&utm_medium=referral

(cherry picked from commit d70b5b9)