chore(deps): bump springdoc-openapi-ui from 1.6.11 to 1.6.14 #942

Open: wants to merge 1 commit into base: develop

Commit 7522633: chore(deps): bump springdoc-openapi-ui from 1.6.11 to 1.6.14
GitHub Advanced Security / Trivy succeeded Dec 19, 2022 in 2s

No new alerts

Annotations

Check warning on line 1 in iris-client-fe/package-lock.json

Code scanning / Trivy

Vuetify Cross-site Scripting vulnerability Medium

Package: vuetify
Installed Version: 2.6.6
Vulnerability CVE-2022-25873
Severity: MEDIUM
Fixed Version: 2.6.10
Link: CVE-2022-25873

Check failure on line 1 in library/pom.xml

Code scanning / Trivy

Authorization rules can be bypassed via forward or include dispatcher types in Spring Security Critical

Package: org.springframework.security:spring-security-core
Installed Version: 5.7.3
Vulnerability CVE-2022-31692
Severity: CRITICAL
Fixed Version: 5.6.9, 5.7.5
Link: CVE-2022-31692

Check failure on line 1 in library/pom.xml

Code scanning / Trivy

snakeyaml: Denial of Service due to missing nested depth limitation for collections High

Package: org.yaml:snakeyaml
Installed Version: 1.30
Vulnerability CVE-2022-25857
Severity: HIGH
Fixed Version: 1.31
Link: CVE-2022-25857

Check failure on line 1 in library/pom.xml

Code scanning / Trivy

deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS High

Package: com.fasterxml.jackson.core:jackson-databind
Installed Version: 2.13.4
Vulnerability CVE-2022-42003
Severity: HIGH
Fixed Version: 2.12.7.1, 2.13.4.1
Link: CVE-2022-42003

Check failure on line 1 in library/pom.xml

Code scanning / Trivy

spring-security-oauth2-client: Privilege Escalation in spring-security-oauth2-client High

Package: org.springframework.security:spring-security-core
Installed Version: 5.7.3
Vulnerability CVE-2022-31690
Severity: HIGH
Fixed Version: 5.6.9, 5.7.5
Link: CVE-2022-31690

Check warning on line 1 in library/pom.xml

Code scanning / Trivy

snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode Medium

Package: org.yaml:snakeyaml
Installed Version: 1.30
Vulnerability CVE-2022-38752
Severity: MEDIUM
Fixed Version: 1.32
Link: CVE-2022-38752

Check warning on line 1 in library/pom.xml

Code scanning / Trivy

snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode Medium

Package: org.yaml:snakeyaml
Installed Version: 1.30
Vulnerability CVE-2022-38749
Severity: MEDIUM
Fixed Version: 1.31
Link: CVE-2022-38749

Check warning on line 1 in library/pom.xml

Code scanning / Trivy

snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match Medium

Package: org.yaml:snakeyaml
Installed Version: 1.30
Vulnerability CVE-2022-38751
Severity: MEDIUM
Fixed Version: 1.31
Link: CVE-2022-38751

Check warning on line 1 in library/pom.xml

Code scanning / Trivy

snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject Medium

Package: org.yaml:snakeyaml
Installed Version: 1.30
Vulnerability CVE-2022-38750
Severity: MEDIUM
Fixed Version: 1.31
Link: CVE-2022-38750

Check warning on line 1 in library/pom.xml

Code scanning / Trivy

Garbage collection issue in BC-FJA in Java 13 and later Medium

Package: org.bouncycastle:bc-fips
Installed Version: 1.0.2.3
Vulnerability CVE-2022-45146
Severity: MEDIUM
Fixed Version: 1.0.2.4
Link: CVE-2022-45146

Check warning on line 1 in library/pom.xml

Code scanning / Trivy

dev-java/snakeyaml: DoS via stack overflow Medium

Package: org.yaml:snakeyaml
Installed Version: 1.30
Vulnerability CVE-2022-41854
Severity: MEDIUM
Fixed Version: 1.32
Link: CVE-2022-41854