mend-bolt-for-github[bot]
mend-bolt-for-github[bot]
## CVE-2022-42916 - High Severity Vulnerability Vulnerable Library - curl-sys-0.4.55+curl-7.83.1.crate Native bindings to the libcurl library Library home page: https://crates.io/api/v1/crates/curl-sys/0.4.55+curl-7.83.1/download Dependency Hierarchy: - tensorflow-0.17.0.crate (Root Library) - tensorflow-sys-0.20.0.crate - curl-0.4.43.crate...
## CVE-2022-42915 - High Severity Vulnerability Vulnerable Library - curl-sys-0.4.55+curl-7.83.1.crate Native bindings to the libcurl library Library home page: https://crates.io/api/v1/crates/curl-sys/0.4.55+curl-7.83.1/download Dependency Hierarchy: - tensorflow-0.17.0.crate (Root Library) - tensorflow-sys-0.20.0.crate - curl-0.4.43.crate...
## CVE-2022-43680 - High Severity Vulnerability Vulnerable Library - expat-sys-2.1.6.crate XML parser library written in C Library home page: https://crates.io/api/v1/crates/expat-sys/2.1.6/download Dependency Hierarchy: - amethyst-0.15.3.crate (Root Library) - amethyst_ui-0.15.3.crate - font-kit-0.5.0.crate...
## CVE-2024-41110 - Critical Severity Vulnerability Vulnerable Library - github.com/docker/dockeR-v24.0.9+incompatible Moby Project - a collaborative project for the container ecosystem to assemble container-based systems Library home page: https://proxy.golang.org/github.com/docker/docke!r/@v/v24.0.9+incompatible.zip Path to...
## CVE-2024-34750 - High Severity Vulnerability Vulnerable Library - tomcat-embed-core-10.1.24.jar Core Tomcat implementation Library home page: https://tomcat.apache.org/ Path to dependency file: /hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-client-apache/pom.xml Path to vulnerable library: /hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-client-apache/pom.xml,/hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-server-jersey/pom.xml,/hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-client-okhttp/pom.xml Dependency Hierarchy: -...
## CVE-2024-38809 - Medium Severity Vulnerability Vulnerable Library - spring-web-6.1.8.jar Spring Web Library home page: https://spring.io/projects/spring-framework Path to dependency file: /hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-client-okhttp/pom.xml Path to vulnerable library: /hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-client-okhttp/pom.xml,/hapi-fhir-test-utilities/pom.xml,/hapi-fhir-jpaserver-base/pom.xml,/hapi-fhir-jpaserver-uhnfhirtest/pom.xml,/hapi-fhir-server-cds-hooks/pom.xml,/hapi-fhir-docs/pom.xml,/hapi-fhir-cli/hapi-fhir-cli-app/pom.xml,/hapi-fhir-jpaserver-test-utilities/pom.xml,/hapi-fhir-server/pom.xml,/hapi-fhir-spring-boot/hapi-fhir-spring-boot-autoconfigure/pom.xml,/hapi-fhir-storage-test-utilities/pom.xml,/hapi-fhir-storage-mdm/pom.xml,/hapi-fhir-jpaserver-subscription/pom.xml,/hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-server-jersey/pom.xml,/hapi-fhir-jpaserver-mdm/pom.xml,/hapi-fhir-jpaserver-elastic-test-utilities/pom.xml,/hapi-fhir-storage-cr/pom.xml,/hapi-fhir-jpaserver-hfql/pom.xml,/hapi-fhir-storage-batch2-test-utilities/pom.xml,/hapi-fhir-cli/hapi-fhir-cli-api/pom.xml,/hapi-fhir-jpaserver-ips/pom.xml,/hapi-fhir-spring-boot/hapi-fhir-spring-boot-samples/hapi-fhir-spring-boot-sample-client-apache/pom.xml Dependency Hierarchy: - :x:...
## CVE-2022-30636 - Medium Severity Vulnerability Vulnerable Library - golang.org/x/crypto-v0.0.0-20210921155107-089bfa567519 [mirror] Go supplementary cryptography libraries Library home page: https://proxy.golang.org/golang.org/x/crypto/@v/v0.0.0-20210921155107-089bfa567519.zip Path to dependency file: /go.mod Path to vulnerable library: /go.mod Dependency...
## CVE-2024-3651 - High Severity Vulnerability Vulnerable Library - idna-2.10-py2.py3-none-any.whl Internationalized Domain Names in Applications (IDNA) Library home page: https://files.pythonhosted.org/packages/a2/38/928ddce2273eaa564f6f50de919327bf3a00f091b5baba8dfa9460f3a8a8/idna-2.10-py2.py3-none-any.whl Path to dependency file: /day70/requirements.txt Path to vulnerable library: /day70/requirements.txt...
## CVE-2024-37891 - Medium Severity Vulnerability Vulnerable Library - urllib3-2.0.7-py3-none-any.whl HTTP library with thread-safe connection pooling, file post, and more. Library home page: https://files.pythonhosted.org/packages/d2/b2/b157855192a68541a91ba7b2bbcb91f1b4faa51f8bae38d8005c034be524/urllib3-2.0.7-py3-none-any.whl Path to dependency file: /requirements.txt Path...
## CVE-2024-5569 - Low Severity Vulnerability Vulnerable Library - zipp-3.15.0-py3-none-any.whl Backport of pathlib-compatible object wrapper for zip files Library home page: https://files.pythonhosted.org/packages/5b/fa/c9e82bbe1af6266adf08afb563905eb87cab83fde00a0a08963510621047/zipp-3.15.0-py3-none-any.whl Path to dependency file: /requirements.txt Path to vulnerable...