You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Deserialization of Untrusted Data
Vulnerable module: com.google.guava:guava
Introduced through: net.shibboleth.utilities:java-support@7.4.0 and com.google.guava:guava@20.0
Snyk reports the following vulnerabilities for the opensaml-ext dependencies:
HIGH SEVERITY:
Unexpected Code Execution
Vulnerable module: org.bouncycastle:bcprov-jdk15on
Introduced through: org.opensaml:opensaml-saml-impl@3.4.0, org.opensaml:opensaml-xmlsec-impl@3.4.0 and others.
MEDIUM SEVERITY:
Deserialization of Untrusted Data
Vulnerable module: com.google.guava:guava
Introduced through: net.shibboleth.utilities:java-support@7.4.0 and com.google.guava:guava@20.0
MEDIUM SEVERITY:
Insecure Encryption
Vulnerable module: org.bouncycastle:bcprov-jdk15on
Introduced through: org.opensaml:opensaml-saml-impl@3.4.0, org.opensaml:opensaml-xmlsec-impl@3.4.0 and others
The text was updated successfully, but these errors were encountered: