mend-for-github-com[bot]
mend-for-github-com[bot]
## CVE-2022-42969 - Medium Severity Vulnerability Vulnerable Library - py-1.11.0-py2.py3-none-any.whl library with cross-python path, ini-parsing, io, code, log facilities Library home page: https://files.pythonhosted.org/packages/f6/f0/10642828a8dfb741e5f3fbaac830550a518a775c7fff6f04a007259b0548/py-1.11.0-py2.py3-none-any.whl Path to dependency file: /dev-requirements.txt Path to...
## CVE-2022-42969 - Medium Severity Vulnerability Vulnerable Library - py-1.11.0-py2.py3-none-any.whl library with cross-python path, ini-parsing, io, code, log facilities Library home page: https://files.pythonhosted.org/packages/f6/f0/10642828a8dfb741e5f3fbaac830550a518a775c7fff6f04a007259b0548/py-1.11.0-py2.py3-none-any.whl Path to dependency file: /dev-requirements.txt Path to...
Vulnerable Library - github.com/uber-go/tally/v4-v4.1.1 A Go metrics interface with fast buffered metrics and third party reporters Library home page: https://proxy.golang.org/github.com/uber-go/tally/v4/@v/v4.1.1.zip Found in HEAD commit: f334c489674c9ad224a791ced3eeec047e64e4ce ## Vulnerabilities | CVE |...
## CVE-2022-3517 - High Severity Vulnerability Vulnerable Library - minimatch-3.0.4.tgz a glob matcher in javascript Library home page: https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz Path to dependency file: /samples/testing-frameworks/appium/server-side/javascript/webdriver.io/package.json Path to vulnerable library: /samples/testing-frameworks/appium/server-side/javascript/webdriver.io/node_modules/mocha/node_modules/minimatch/package.json,/samples/testing-frameworks/appium/server-side/javascript/webdriver.io/node_modules/recursive-readdir/node_modules/minimatch/package.json,/samples/testing-frameworks/desktop-browsers/client-side/NodeJS/node_modules/minimatch/package.json Dependency...
## CVE-2022-42889 - High Severity Vulnerability Vulnerable Library - commons-text-1.9.jar Apache Commons Text is a library focused on algorithms working on strings. Library home page: https://commons.apache.org/proper/commons-text Path to dependency file:...
## CVE-2022-42003 - High Severity Vulnerability Vulnerable Library - jackson-databind-2.13.3.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency file: /samples/testing-frameworks/appium/server-side/image-recognition/pom.xml Path...
## CVE-2022-42004 - High Severity Vulnerability Vulnerable Library - jackson-databind-2.13.3.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency file: /samples/testing-frameworks/appium/server-side/image-recognition/pom.xml Path...
## WS-2021-0638 - High Severity Vulnerability Vulnerable Libraries - mocha-8.4.0.tgz, mocha-10.0.0.tgz mocha-8.4.0.tgz simple, flexible, fun test framework Library home page: https://registry.npmjs.org/mocha/-/mocha-8.4.0.tgz Path to dependency file: /samples/testing-frameworks/appium/server-side/javascript/webdriver.io/package.json Path to vulnerable library:...
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [com.fasterxml.jackson.core:jackson-databind](https://togithub.com/FasterXML/jackson-databind) | patch | `2.13.3` -> `2.13.4` | By merging this PR, the issue #415...
Vulnerable Library - jackson-databind-2.13.3.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-databind/2.13.3/56deb9ea2c93a7a556b3afbedd616d342963464e/jackson-databind-2.13.3.jar,/aches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-databind/2.13.3/56deb9ea2c93a7a556b3afbedd616d342963464e/jackson-databind-2.13.3.jar ## Vulnerabilities...