mend-for-github-com[bot]

Results: 1661 issues of mend-for-github-com[bot]

Vulnerable Library - github.com/uber-go/tally/v4-v4.1.2 A Go metrics interface with fast buffered metrics and third party reporters Library home page: https://proxy.golang.org/github.com/uber-go/tally/v4/@v/v4.1.2.zip Found in HEAD commit: f50d84c1446361d7af74c5ac0d11c7d5755e0e7e ## Vulnerabilities | CVE |...

security vulnerability

## CVE-2022-25857 - High Severity Vulnerability Vulnerable Libraries - snakeyaml-1.15.jar, snakeyaml-1.12.jar, snakeyaml-1.16.jar, snakeyaml-1.30.jar snakeyaml-1.15.jar YAML 1.1 parser and emitter for Java Library home page: http://www.snakeyaml.org Path to dependency file: /samples/server/petstore/jaxrs-resteasy/joda/build.gradle...

security vulnerability

## CVE-2022-40150 - High Severity Vulnerability Vulnerable Library - jettison-1.1.jar A StAX implementation for JSON. Path to dependency file: /samples/client/petstore/scala/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.codehaus.jettison/jettison/1.1/1a01a2a1218fcf9faa2cc2a6ced025bdea687262/jettison-1.1.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.codehaus.jettison/jettison/1.1/1a01a2a1218fcf9faa2cc2a6ced025bdea687262/jettison-1.1.jar Dependency Hierarchy: - jersey-ahc-client-1.0.5.jar (Root...

security vulnerability

## CVE-2022-40149 - High Severity Vulnerability Vulnerable Library - jettison-1.1.jar A StAX implementation for JSON. Path to dependency file: /samples/client/petstore/scala/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.codehaus.jettison/jettison/1.1/1a01a2a1218fcf9faa2cc2a6ced025bdea687262/jettison-1.1.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.codehaus.jettison/jettison/1.1/1a01a2a1218fcf9faa2cc2a6ced025bdea687262/jettison-1.1.jar Dependency Hierarchy: - jersey-ahc-client-1.0.5.jar (Root...

security vulnerability

## WS-2022-0161 - High Severity Vulnerability Vulnerable Library - newtonsoft.json.10.0.3.nupkg Json.NET is a popular high-performance JSON framework for .NET Library home page: https://api.nuget.org/packages/newtonsoft.json.10.0.3.nupkg Dependency Hierarchy: - :x: **newtonsoft.json.10.0.3.nupkg** (Vulnerable Library)...

security vulnerability

## WS-2017-3805 - High Severity Vulnerability Vulnerable Library - json-20140107.jar JSON is a light-weight, language independent, data interchange format. See http://www.JSON.org/ The files in this package implement JSON encoders/decoders in...

security vulnerability

## CVE-2019-10747 - High Severity Vulnerability Vulnerable Libraries - set-value-0.4.3.tgz, set-value-2.0.0.tgz set-value-0.4.3.tgz Create nested values and any intermediaries using dot notation (`'a.b.c'`) paths. Library home page: https://registry.npmjs.org/set-value/-/set-value-0.4.3.tgz Path to dependency...

security vulnerability

## CVE-2019-10744 - High Severity Vulnerability Vulnerable Libraries - lodash-4.17.11.tgz, lodash-4.17.10.tgz lodash-4.17.11.tgz Lodash modular utilities. Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz Path to dependency file: /samples/client/petstore/javascript-es6/package.json Path to vulnerable library: /samples/client/petstore/javascript-es6/node_modules/lodash/package.json,/samples/client/petstore/javascript-promise-es6/node_modules/lodash/package.json Dependency...

security vulnerability

## CVE-2018-16492 - High Severity Vulnerability Vulnerable Libraries - extend-3.0.0.tgz, extend-3.0.1.tgz extend-3.0.0.tgz Port of jQuery.extend for node.js and the browser Library home page: https://registry.npmjs.org/extend/-/extend-3.0.0.tgz Path to dependency file: /samples/server/petstore/nodejs-google-cloud-functions/package.json Path...

security vulnerability

## CVE-2019-9515 - High Severity Vulnerability Vulnerable Library - netty-codec-http2-4.1.8.Final.jar Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and clients. Library...

security vulnerability