-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Snyk] Fix for 7 vulnerabilities #567
base: master
Are you sure you want to change the base?
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751 - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-460644 - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2823313 - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2329097 - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2330878 - https://snyk.io/vuln/SNYK-JAVA-COMMONSCODEC-561518 - https://snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-8230365
Important Review skippedIgnore keyword(s) in the title. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
Snyk has created this PR to fix 7 vulnerabilities in the maven dependencies of this project.
Snyk changed the following file(s):
finance/egov/pom.xml
Vulnerabilities that will be fixed with an upgrade:
SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751
Major version upgrade
Reachable
Mature
SNYK-JAVA-ORGSPRINGFRAMEWORK-460644
Reachable
No Known Exploit
SNYK-JAVA-ORGSPRINGFRAMEWORK-2823313
Major version upgrade
Reachable
No Known Exploit
SNYK-JAVA-ORGSPRINGFRAMEWORK-2329097
Major version upgrade
No Path Found
No Known Exploit
SNYK-JAVA-ORGSPRINGFRAMEWORK-2330878
Major version upgrade
No Path Found
No Known Exploit
SNYK-JAVA-COMMONSCODEC-561518
2.2.0.RELEASE
->2.4.1.RELEASE
No Path Found
No Known Exploit
SNYK-JAVA-ORGSPRINGFRAMEWORK-8230365
Major version upgrade
No Path Found
No Known Exploit
Vulnerabilities that could not be fixed
org.springframework:[email protected]
toorg.springframework:[email protected]
; Reasoncould not apply upgrade, dependency is managed externally
; Location:https://maven-central.storage-download.googleapis.com/maven2/org/springframework/spring-framework-bom/4.3.11.RELEASE/spring-framework-bom-4.3.11.RELEASE.pom
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Improper Output Neutralization for Logs
🦉 Multipart Content Pollution
🦉 Denial of Service (DoS)