Skip to content

Bump mockito from 5.14.1 to 5.14.2, objenesis from 3.2 to 3.3 and byt…

Mend for GitHub.com / Mend Security Check failed Nov 15, 2024 in 1h 1m 34s

Security Report

The Security Check found 3 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-47535

Path to dependency file: /qa/smoke-test-http/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-common/4.1.114.Final/862712e292b162c8ccaa7847a6a54df8178f77e5/netty-common-4.1.114.Final.jar

Dependency Hierarchy:

-> ❌ netty-common-4.1.114.Final.jar (Vulnerable Library)

Medium 5.5 netty-common-4.1.114.Final.jar Upgrade to version: io.netty:netty-common:4.1.115.Final #16639
CVE-2024-6763

Path to dependency file: /plugins/repository-hdfs/build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-server/9.4.55.v20240627/6acd4d3dba5c237cc4315e68f9a602d6d175992a/jetty-server-9.4.55.v20240627.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-server/9.4.55.v20240627/6acd4d3dba5c237cc4315e68f9a602d6d175992a/jetty-server-9.4.55.v20240627.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-server/9.4.55.v20240627/6acd4d3dba5c237cc4315e68f9a602d6d175992a/jetty-server-9.4.55.v20240627.jar

Dependency Hierarchy:

-> ❌ jetty-server-9.4.55.v20240627.jar (Vulnerable Library)

Low 3.7 jetty-server-9.4.55.v20240627.jar Upgrade to version: org.eclipse.jetty:jetty-http:12.0.12;org.eclipse.jetty:jetty-server:12.0.12 #16372
CVE-2024-6763

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-http/9.4.55.v20240627/ef807d867948042293487c025f953fb8e7d77622/jetty-http-9.4.55.v20240627.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-http/9.4.55.v20240627/ef807d867948042293487c025f953fb8e7d77622/jetty-http-9.4.55.v20240627.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jetty/jetty-http/9.4.55.v20240627/ef807d867948042293487c025f953fb8e7d77622/jetty-http-9.4.55.v20240627.jar

Dependency Hierarchy:

-> hdfs-fixture-3.0.0-SNAPSHOT (Root Library)

   -> jetty-server-9.4.55.v20240627.jar

     -> ❌ jetty-http-9.4.55.v20240627.jar (Vulnerable Library)

Low 3.7 jetty-http-9.4.55.v20240627.jar Upgrade to version: org.eclipse.jetty:jetty-http:12.0.12;org.eclipse.jetty:jetty-server:12.0.12 #14183

Total libraries scanned: 768
Scan token: bd09e60cee9f4e389f54b9d69f3833bd
View more details on Mend for GitHub.com