mend-for-github-com[bot]

## CVE-2019-14892 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.8.9.jar, jackson-databind-2.6.4.jar, jackson-databind-2.7.2.jar, jackson-databind-2.7.8.jar, jackson-databind-2.7.5.jar jackson-databind-2.8.9.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2019-14893 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.6.4.jar, jackson-databind-2.7.8.jar, jackson-databind-2.7.5.jar, jackson-databind-2.8.9.jar, jackson-databind-2.7.2.jar jackson-databind-2.6.4.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2020-8203 - High Severity Vulnerability Vulnerable Libraries - lodash-4.17.10.tgz, lodash-4.17.11.tgz lodash-4.17.10.tgz Lodash modular utilities. Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz Path to dependency file: /samples/client/petstore/typescript-node/npm/package.json Path to vulnerable library: /samples/client/petstore/typescript-node/npm/node_modules/lodash/package.json Dependency...

## CVE-2018-15756 - High Severity Vulnerability Vulnerable Library - spring-web-4.3.9.RELEASE.jar Spring Web Library home page: https://github.com/spring-projects/spring-framework Path to dependency file: /samples/client/petstore/java/resttemplate-withXml/build.gradle Path to vulnerable library: /aches/modules-2/files-2.1/org.springframework/spring-web/4.3.9.RELEASE/91dae64c4280093ad5fb4736a10913c9233479c1/spring-web-4.3.9.RELEASE.jar,/aches/modules-2/files-2.1/org.springframework/spring-web/4.3.9.RELEASE/91dae64c4280093ad5fb4736a10913c9233479c1/spring-web-4.3.9.RELEASE.jar Dependency Hierarchy: - :x:...

## CVE-2020-7238 - High Severity Vulnerability Vulnerable Libraries - netty-codec-http-4.1.8.Final.jar, netty-codec-http-4.0.42.Final.jar netty-codec-http-4.1.8.Final.jar Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers and...

## CVE-2021-20190 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.4.5.jar, jackson-databind-2.6.4.jar jackson-databind-2.4.5.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency file:...

CVE-2018-11040 (High) detected in spring-web-4.3.9.RELEASE.jar

2

## CVE-2018-11040 - High Severity Vulnerability Vulnerable Library - spring-web-4.3.9.RELEASE.jar Spring Web Library home page: https://github.com/spring-projects/spring-framework Path to dependency file: /samples/client/petstore/java/resttemplate-withXml/build.gradle Path to vulnerable library: /aches/modules-2/files-2.1/org.springframework/spring-web/4.3.9.RELEASE/91dae64c4280093ad5fb4736a10913c9233479c1/spring-web-4.3.9.RELEASE.jar,/aches/modules-2/files-2.1/org.springframework/spring-web/4.3.9.RELEASE/91dae64c4280093ad5fb4736a10913c9233479c1/spring-web-4.3.9.RELEASE.jar Dependency Hierarchy: - :x:...

## CVE-2019-16943 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.6.4.jar, jackson-databind-2.7.5.jar, jackson-databind-2.8.9.jar, jackson-databind-2.7.8.jar, jackson-databind-2.7.2.jar jackson-databind-2.6.4.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2019-16942 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.8.9.jar, jackson-databind-2.7.8.jar, jackson-databind-2.6.4.jar, jackson-databind-2.7.2.jar, jackson-databind-2.7.5.jar jackson-databind-2.8.9.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2020-10650 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.6.4.jar, jackson-databind-2.7.8.jar, jackson-databind-2.8.9.jar, jackson-databind-2.7.5.jar, jackson-databind-2.7.2.jar jackson-databind-2.6.4.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...