mend-for-github-com[bot]
mend-for-github-com[bot]
## CVE-2024-37891 - Medium Severity Vulnerability Vulnerable Library - urllib3-1.26.18-py2.py3-none-any.whl HTTP library with thread-safe connection pooling, file post, and more. Library home page: https://files.pythonhosted.org/packages/b0/53/aa91e163dcfd1e5b82d8a890ecf13314e3e149c05270cc644581f77f17fd/urllib3-1.26.18-py2.py3-none-any.whl Path to dependency file: /benchmarks/osb/requirements.txt Path...
## CVE-2024-39689 - High Severity Vulnerability Vulnerable Library - certifi-2023.7.22-py3-none-any.whl Python package for providing Mozilla's CA Bundle. Library home page: https://files.pythonhosted.org/packages/4c/dd/2234eab22353ffc7d94e8d13177aaa050113286e93e7b40eae01fbf7c3d9/certifi-2023.7.22-py3-none-any.whl Path to dependency file: /benchmarks/osb/requirements.txt Path to vulnerable library:...
## CVE-2024-34064 - Medium Severity Vulnerability Vulnerable Library - Jinja2-3.1.3-py3-none-any.whl A very fast and expressive template engine. Library home page: https://files.pythonhosted.org/packages/30/6d/6de6be2d02603ab56e72997708809e8a5b0fbfee080735109b40a3564843/Jinja2-3.1.3-py3-none-any.whl Path to dependency file: /benchmarks/osb/requirements.txt Path to vulnerable library:...
Vulnerable Library - csharpier.core.0.28.2.nupkg Path to dependency file: /src/ApiGenerator/ApiGenerator.csproj Path to vulnerable library: /home/wss-scanner/.nuget/packages/system.text.json/8.0.0/system.text.json.8.0.0.nupkg Found in HEAD commit: d55a17de802292a3352500bab3e8c6671910b4e5 ## Vulnerabilities | CVE | Severity | CVSS | Dependency |...
## CVE-2024-22262 - High Severity Vulnerability Vulnerable Library - spring-web-5.3.29.jar Spring Web Library home page: https://spring.io/projects/spring-framework Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: - jenkins-core-2.426.3.jar...
## CVE-2024-22259 - High Severity Vulnerability Vulnerable Library - spring-web-5.3.29.jar Spring Web Library home page: https://spring.io/projects/spring-framework Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: - jenkins-core-2.426.3.jar...
## CVE-2024-22243 - High Severity Vulnerability Vulnerable Library - spring-web-5.3.29.jar Spring Web Library home page: https://spring.io/projects/spring-framework Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: - jenkins-core-2.426.3.jar...
## CVE-2016-1000027 - Critical Severity Vulnerability Vulnerable Library - spring-web-5.3.29.jar Spring Web Library home page: https://spring.io/projects/spring-framework Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: - jenkins-core-2.426.3.jar...
Vulnerable Library - spring-boot-testcontainers-3.3.2.jar Path to dependency file: /spring-data-opensearch-testcontainers/build.gradle.kts Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar Found in HEAD commit: d27ca2750cca1a695b692d1a829e711c65581f27 ## Vulnerabilities | CVE | Severity | CVSS | Dependency |...
## CVE-2024-39689 - High Severity Vulnerability Vulnerable Library - certifi-2023.7.22-py3-none-any.whl Python package for providing Mozilla's CA Bundle. Library home page: https://files.pythonhosted.org/packages/4c/dd/2234eab22353ffc7d94e8d13177aaa050113286e93e7b40eae01fbf7c3d9/certifi-2023.7.22-py3-none-any.whl Dependency Hierarchy: - :x: **certifi-2023.7.22-py3-none-any.whl** (Vulnerable Library) Found in...