Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency eslint to v7 #345

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Update dependency eslint to v7

f0440bc
Select commit
Loading
Failed to load commit list.
Open

Update dependency eslint to v7 #345

Update dependency eslint to v7
f0440bc
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed Mar 1, 2024 in 1m 45s

Security Report

You have successfully remediated 126 vulnerabilities, but introduced 92 new vulnerabilities in this branch.

❌ New vulnerabilities:

Partial results (77 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.


CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2018-14721

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 10.0 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.7,2.8.11.3,2.7.9.5,2.6.7.3 #81
CVE-2020-9548

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.7.9.7,2.8.11.6,2.9.10.4 #128
CVE-2020-9547

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.3 #127
CVE-2020-9546

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.3 #124
CVE-2020-8840

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.3 #106
CVE-2020-10683

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> hibernate-core-3.6.3.Final.jar (Root Library)

   -> ❌ dom4j-1.6.1.jar (Vulnerable Library)

Critical 9.8 dom4j-1.6.1.jar Upgrade to version: org.dom4j:dom4j:2.1.3,org.dom4j:dom4j:2.0.3 None
CVE-2019-20330

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.7.9.7,2.8.11.5,2.9.10.2 #129
CVE-2019-17531

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.10 #77
CVE-2019-17267

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.8.11.5,2.9.10 #86
CVE-2019-16943

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.6.7.3,2.7.9.7,2.8.11.5,2.9.10.1 #107
CVE-2019-16942

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.6.7.3,2.7.9.7,2.8.11.5,2.9.10.1 #105
CVE-2019-16335

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.10 #84
CVE-2019-14893

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.0 #121
CVE-2019-14892

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.6.7.3,2.7.9.7,2.8.11.5,2.9.10 #123
CVE-2019-14540

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.8.11.5,2.9.10,2.10.0.pr3,2.11.0.rc1 #75
CVE-2019-14379

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.9.2 #126
CVE-2019-13116

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> hibernate-core-3.6.3.Final.jar (Root Library)

   -> ❌ commons-collections-3.1.jar (Vulnerable Library)

Critical 9.8 commons-collections-3.1.jar Upgrade to version: commons-collections:commons-collections:3.2.2 None
CVE-2019-10202

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.0.0 #111
CVE-2018-7489

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.8.11.1,2.9.5 #136
CVE-2018-19360

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.7.9.5,2.8.11.3,2.9.8,2.10.0.pr1 #110
CVE-2018-14720

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.7 #79
CVE-2018-14719

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.7 #130
CVE-2018-14718

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.7 #131
CVE-2018-11307

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: jackson-databind-2.9.6 #92
CVE-2017-17485

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.4 #125
CVE-2017-15708

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> hibernate-core-3.6.3.Final.jar (Root Library)

   -> ❌ commons-collections-3.1.jar (Vulnerable Library)

Critical 9.8 commons-collections-3.1.jar Upgrade to version: org.apache.synapse:Apache-Synapse:3.0.1;commons-collections:commons-collections:3.2.2 None
CVE-2017-15095

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

Critical 9.8 jackson-databind-2.6.7.1.jar Upgrade to version: 2.8.10,2.9.1 #78
CVE-2015-7501

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> hibernate-core-3.6.3.Final.jar (Root Library)

   -> ❌ commons-collections-3.1.jar (Vulnerable Library)

Critical 9.8 commons-collections-3.1.jar Upgrade to version: commons-collections:commons-collections:3.2.2;org.apache.commons:commons-collections4:4.1 None
CVE-2015-4852

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> hibernate-core-3.6.3.Final.jar (Root Library)

   -> ❌ commons-collections-3.1.jar (Vulnerable Library)

Critical 9.8 commons-collections-3.1.jar Upgrade to version: commons-collections:commons-collections:3.2.2 None
CVE-2020-11113

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.4;2.10.0 #115
CVE-2020-11112

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.4,2.10.0 #116
CVE-2020-11111

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.4,2.10.0 #113
CVE-2020-10969

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.8.11.6;com.fasterxml.jackson.core:jackson-databind:2.7.9.7 #90
CVE-2020-10968

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.8 jackson-databind-2.6.7.1.jar Upgrade to version: jackson-databind-2.9.10.4 #89
CVE-2020-10673

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.8 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.4 #133
CVE-2020-10672

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.8 jackson-databind-2.6.7.1.jar Upgrade to version: jackson-databind-2.9.10.4 #132
CVE-2017-3523

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ mysql-connector-java-5.1.14.jar (Vulnerable Library)

High 8.5 mysql-connector-java-5.1.14.jar Upgrade to version: mysql:mysql-connector-java:5.1.41 #36
CVE-2023-22102

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ mysql-connector-java-5.1.14.jar (Vulnerable Library)

High 8.3 mysql-connector-java-5.1.14.jar Upgrade to version: com.mysql:mysql-connector-j:8.2.0 None
CVE-2021-20190

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind-2.9.10.7 #112
CVE-2020-36189

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #91
CVE-2020-36188

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #93
CVE-2020-36187

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #102
CVE-2020-36186

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #103
CVE-2020-36185

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #100
CVE-2020-36184

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #101
CVE-2020-36183

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #97
CVE-2020-36182

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #98
CVE-2020-36181

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #95
CVE-2020-36180

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #96
CVE-2020-36179

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.8 #114
CVE-2020-24750

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.6 #122
CVE-2020-24616

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.10.6 #117
CVE-2020-14195

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.5 #134
CVE-2020-14062

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.0 #120
CVE-2020-14061

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.0 #119
CVE-2020-14060

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.10.0 #118
CVE-2020-11620

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.4 #94
CVE-2020-11619

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.4 #85
CVE-2020-10650

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.9.10.4 None
CVE-2018-5968

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 8.1 jackson-databind-2.6.7.1.jar Upgrade to version: 2.8.11.1, 2.9.4 #99
CVE-2024-21490

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/angular/package.json

Dependency Hierarchy:

-> ❌ angular-1.8.3.tgz (Vulnerable Library)

High 7.5 angular-1.8.3.tgz #341
CVE-2022-42004

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.13.4 None
CVE-2022-42003

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.12.7.1,2.13.4.1 None
CVE-2022-25844

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/angular/package.json

Dependency Hierarchy:

-> ❌ angular-1.8.3.tgz (Vulnerable Library)

High 7.5 angular-1.8.3.tgz #274
CVE-2020-36518

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.12.6.1,2.13.2.1 #247
CVE-2020-25649

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.6.7.4,2.9.10.7,2.10.5.1,2.11.0.rc1 #80
CVE-2019-14439

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.9.2 #87
CVE-2019-12086

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: 2.9.9 #76
CVE-2018-12023

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: 2.7.9.4, 2.8.11.2, 2.9.6 #83
CVE-2018-12022

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ jackson-databind-2.6.7.1.jar (Vulnerable Library)

High 7.5 jackson-databind-2.6.7.1.jar Upgrade to version: 2.7.9.4, 2.8.11.2, 2.9.6 #82
CVE-2018-1000632

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> hibernate-core-3.6.3.Final.jar (Root Library)

   -> ❌ dom4j-1.6.1.jar (Vulnerable Library)

High 7.5 dom4j-1.6.1.jar Upgrade to version: org.dom4j:dom4j:2.0.3 None
CVE-2020-25638

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ hibernate-core-3.6.3.Final.jar (Vulnerable Library)

High 7.4 hibernate-core-3.6.3.Final.jar Upgrade to version: org.hibernate:hibernate-core:5.3.20.Final,5.4.24.Final #135
CVE-2015-6420

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> hibernate-core-3.6.3.Final.jar (Root Library)

   -> ❌ commons-collections-3.1.jar (Vulnerable Library)

High 7.3 commons-collections-3.1.jar Upgrade to version: commons-collections:commons-collections3.2.2,org.apache.commons:commons-collections4:4.1 None
CVE-2022-21363

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ mysql-connector-java-5.1.14.jar (Vulnerable Library)

Medium 6.6 mysql-connector-java-5.1.14.jar Upgrade to version: mysql:mysql-connector-java:8.0.28 None
CVE-2019-14900

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ hibernate-core-3.6.3.Final.jar (Vulnerable Library)

Medium 6.5 hibernate-core-3.6.3.Final.jar Upgrade to version: org.hibernate:hibernate-core:5.4.18.Final #42
CVE-2017-3586

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> ❌ mysql-connector-java-5.1.14.jar (Vulnerable Library)

Medium 6.4 mysql-connector-java-5.1.14.jar Upgrade to version: 5.1.42 #37
CVE-2022-25869

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/angular/package.json

Dependency Hierarchy:

-> ❌ angular-1.8.3.tgz (Vulnerable Library)

Medium 6.1 angular-1.8.3.tgz #273

✔️ Remediated vulnerabilities:

CVE Vulnerable Library
CVE-2022-2421 socket.io-parser-3.2.0.tgz
CVE-2022-37598 uglify-js-3.4.10.tgz
CVE-2018-20190 node-sass-v4.14.1
CVE-2017-16137 debug-4.2.0.tgz
CVE-2022-1537 grunt-1.3.0.tgz
CVE-2018-11698 opennms-opennms-source-22.0.1-1
CVE-2022-33987 got-11.4.0.tgz
CVE-2018-11694 node-sass-v4.14.1
CVE-2021-23490 parse-link-header-1.0.1.tgz
CVE-2022-25869 angular-1.8.0.tgz
CVE-2021-3807 ansi-regex-4.1.0.tgz
CVE-2018-19838 opennms-opennms-source-22.0.1-1
CVE-2022-22984 snyk-sbt-plugin-2.11.0.tgz
CVE-2019-6286 opennms-opennms-source-22.0.1-1
CVE-2022-25901 cookiejar-2.1.2.tgz
WS-2018-0625 xmlbuilder-8.2.2.tgz
CVE-2020-7788 ini-1.3.5.tgz
CVE-2021-44906 minimist-0.0.10.tgz
CVE-2022-0536 follow-redirects-1.13.0.tgz
CVE-2024-21490 angular-1.8.0.tgz
CVE-2018-20821 node-sass-v4.14.1
CVE-2023-0842 xml2js-0.4.23.tgz
CVE-2021-3918 json-schema-0.2.3.tgz
CVE-2020-28481 socket.io-2.1.1.tgz
CVE-2021-23413 jszip-3.5.0.tgz
WS-2019-0425 mocha-5.2.0.tgz
CVE-2022-24999 qs-6.5.2.tgz
CVE-2022-26592 node-sass-v4.14.1
CVE-2021-23406 degenerator-1.0.4.tgz
CVE-2023-26117 angular-1.8.0.tgz
CVE-2021-43138 async-2.6.3.tgz
CVE-2022-0155 follow-redirects-1.13.0.tgz
WS-2021-0153 ejs-2.5.9.tgz
CVE-2018-11697 node-sass-v4.14.1
CVE-2022-25883 semver-5.7.1.tgz
CVE-2018-11694 opennms-opennms-source-24.1.2-1
CVE-2021-23343 path-parse-1.0.6.tgz
CVE-2021-43138 async-3.2.0.tgz
CVE-2020-11023 jquery-1.8.1.min.js
CVE-2019-6284 opennms-opennms-source-22.0.1-1
CVE-2021-33502 normalize-url-4.5.0.tgz
CVE-2023-45133 babel-traverse-6.26.0.tgz
CVE-2020-36049 socket.io-parser-3.2.0.tgz
CVE-2018-19827 opennms-opennms-source-24.1.2-1
CVE-2018-20190 opennms-opennms-source-24.1.2-1
CVE-2021-23495 karma-3.1.4.tgz
CVE-2021-23362 hosted-git-info-3.0.5.tgz
CVE-2020-7598 minimist-0.0.10.tgz
CVE-2020-28282 getobject-0.1.0.tgz
WS-2021-0638 mocha-5.2.0.tgz
CVE-2022-24999 qs-6.7.0.tgz
CVE-2022-25844 angular-1.8.0.tgz
CVE-2020-11022 jquery-1.8.1.min.js
CVE-2018-11697 CSS::Sass-v3.4.11
CVE-2021-44906 minimist-1.2.5.tgz
CVE-2020-11023 jquery-3.2.1.min.js
CVE-2022-25881 http-cache-semantics-4.1.0.tgz
CVE-2020-28481 socket.io-2.3.0.tgz
CVE-2021-23369 handlebars-4.7.6.tgz
WS-2019-0605 CSS::Sass-v3.4.11
CVE-2020-36048 engine.io-3.4.2.tgz
CVE-2018-19839 CSS::Sass-v3.4.11
CVE-2022-22984 snyk-1.406.0.tgz
CVE-2018-19826 node-sass-v4.14.1
CVE-2021-41580 passport-oauth2-1.5.0.tgz
CVE-2020-36049 socket.io-parser-3.3.1.tgz
CVE-2023-48795 ssh2-0.8.9.tgz
CVE-2020-7598 minimist-1.2.0.tgz
CVE-2022-46175 json5-0.5.1.tgz
CVE-2018-20821 opennms-opennms-source-24.1.2-1
CVE-2022-24441 snyk-1.406.0.tgz
CVE-2021-23406 pac-resolver-3.0.0.tgz
CVE-2021-28918 netmask-1.0.6.tgz
CVE-2021-23413 jszip-3.4.0.tgz
CVE-2023-26115 word-wrap-1.2.3.tgz
CVE-2022-48285 jszip-3.5.0.tgz
CVE-2022-21803 nconf-0.10.0.tgz
CVE-2022-38900 decode-uri-component-0.2.0.tgz
CVE-2022-21704 log4js-3.0.6.tgz
CVE-2020-11022 jquery-3.2.1.min.js
CVE-2021-32640 ws-7.3.1.tgz
CVE-2018-11499 opennms-opennms-source-22.0.1-1
CVE-2020-28502 xmlhttprequest-ssl-1.5.5.tgz
CVE-2022-0437 karma-3.1.4.tgz
CVE-2012-6708 jquery-1.8.1.min.js
CVE-2020-7656 jquery-1.8.1.min.js
CVE-2018-11499 node-sass-v4.14.1
CVE-2021-32640 ws-6.1.4.tgz
CVE-2019-6283 opennms-opennms-source-22.0.1-1
WS-2020-0443 socket.io-2.1.1.tgz
CVE-2022-25883 semver-6.3.0.tgz
CVE-2021-3807 ansi-regex-5.0.0.tgz
CVE-2022-33987 got-9.6.0.tgz
CVE-2021-31597 xmlhttprequest-ssl-1.5.5.tgz
CVE-2020-28469 glob-parent-3.1.0.tgz
CVE-2021-44906 minimist-1.2.0.tgz
CVE-2022-40764 snyk-1.406.0.tgz
CVE-2021-23362 hosted-git-info-2.8.8.tgz
CVE-2021-3807 ansi-regex-3.0.0.tgz
CVE-2023-26159 follow-redirects-1.13.0.tgz
CVE-2023-26118 angular-1.8.0.tgz
CVE-2022-2421 socket.io-parser-3.3.1.tgz
CVE-2022-31129 moment-2.29.0.tgz
CVE-2020-36048 engine.io-3.2.1.tgz
CVE-2020-15366 ajv-5.5.2.tgz
CVE-2022-0436 grunt-1.3.0.tgz
CVE-2019-18797 opennms-opennms-source-24.1.2-1
CVE-2020-26301 ssh2-0.8.9.tgz
CVE-2018-20822 opennms-opennms-source-22.0.1-1
CVE-2022-48285 jszip-3.4.0.tgz
CVE-2022-29078 ejs-2.5.9.tgz
CVE-2022-41940 engine.io-3.4.2.tgz
CVE-2018-19797 opennms-opennms-source-22.0.1-1
CVE-2021-29418 netmask-1.0.6.tgz
CVE-2019-11358 jquery-3.2.1.min.js
WS-2018-0650 useragent-2.3.0.tgz
CVE-2023-26116 angular-1.8.0.tgz
CVE-2020-23064 jquery-3.2.1.min.js
CVE-2022-24785 moment-2.29.0.tgz
CVE-2015-9251 jquery-1.8.1.min.js
CVE-2022-37602 grunt-karma-3.0.2.tgz
CVE-2022-0144 shelljs-0.3.0.tgz
WS-2020-0443 socket.io-2.3.0.tgz
CVE-2022-3517 minimatch-3.0.4.tgz
CVE-2021-23383 handlebars-4.7.6.tgz
CVE-2022-41940 engine.io-3.2.1.tgz

Base branch total remaining vulnerabilities: 173
Base branch commit: null


Total libraries scanned: 477

Scan token: 51e2f6364e4948ee9e626c20bf3795c5

View more details on Mend for GitHub.com