[Backport] [2.x] Bumps 'jackson' from 2.14.2 to 2.15.2 (#537) #542
Mend for GitHub.com / WhiteSource Security Check
failed
Jun 27, 2023 in 2m 0s
Security Report
1 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2023-2976Path to dependency file: /build.gradle.kts Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.guava/guava/30.1.1-jre/87e0fd1df874ea3cbe577702fe6f17068b790fd8/guava-30.1.1-jre.jar Dependency Hierarchy: -> checkstyle-8.45.1.jar (Root Library) -> ❌ guava-30.1.1-jre.jar (Vulnerable Library) |
Medium | 5.5 | guava-30.1.1-jre.jar | Upgrade to version: com.google.guava:guava:32.0.1-jre,com.google.guava:guava:32.0.1-android | None |
Base branch total remaining vulnerabilities: 2
Base branch commit: f606949b3ed4380dc31494855f197ac911554706
Total libraries scanned: 128
Scan token: 4e8bc5a6cb854de9a41afff4e683d1b2
Loading