Skip to content

Bump org.jline:jline in /test/fixtures/hdfs-fixture (#14859)

Mend for GitHub.com / Mend Security Check failed Jul 22, 2024 in 45m 40s

Security Report

The Security Check found 1 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-25638

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/dnsjava/dnsjava/3.4.0/a214858bba6ddc017a3c2fd5d17f0ee359770dad/dnsjava-3.4.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/dnsjava/dnsjava/3.4.0/a214858bba6ddc017a3c2fd5d17f0ee359770dad/dnsjava-3.4.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/dnsjava/dnsjava/3.4.0/a214858bba6ddc017a3c2fd5d17f0ee359770dad/dnsjava-3.4.0.jar

Dependency Hierarchy:

-> hdfs-fixture-3.0.0-SNAPSHOT (Root Library)

   -> hadoop-minicluster-3.4.0.jar

     -> hadoop-yarn-server-tests-3.4.0.jar

       -> hadoop-yarn-server-nodemanager-3.4.0.jar

         -> hadoop-registry-3.4.0.jar

           -> ❌ dnsjava-3.4.0.jar (Vulnerable Library)

High 8.9 dnsjava-3.4.0.jar Upgrade to version: dnsjava:dnsjava:3.6.0 #14183

Total libraries scanned: 752
Scan token: 690c61cd0fe74f5dad88f529828ed0bd
View more details on Mend for GitHub.com