mend-for-github-com[bot]

CVE-2018-1272 (High) detected in spring-core-4.2.7.RELEASE.jar, spring-core-4.3.9.RELEASE.jar

2

## CVE-2018-1272 - High Severity Vulnerability Vulnerable Libraries - spring-core-4.2.7.RELEASE.jar, spring-core-4.3.9.RELEASE.jar spring-core-4.2.7.RELEASE.jar Spring Core Library home page: https://github.com/spring-projects/spring-framework Path to dependency file: /samples/client/petstore/java/retrofit2-play25/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-core/4.2.7.RELEASE/3d08f6f68e0654bf4be50559aec4218334189583/spring-core-4.2.7.RELEASE.jar Dependency Hierarchy:...

## CVE-2022-22965 - High Severity Vulnerability Vulnerable Libraries - spring-beans-4.3.9.RELEASE.jar, spring-beans-4.1.6.RELEASE.jar, spring-beans-4.2.7.RELEASE.jar spring-beans-4.3.9.RELEASE.jar Spring Beans Library home page: https://github.com/spring-projects/spring-framework Path to dependency file: /samples/client/petstore/java/resttemplate-withXml/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-beans/4.3.9.RELEASE/daa5abf3779c8cad1a2910e1ea08e4272489d8ae/spring-beans-4.3.9.RELEASE.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-beans/4.3.9.RELEASE/daa5abf3779c8cad1a2910e1ea08e4272489d8ae/spring-beans-4.3.9.RELEASE.jar Dependency...

## CVE-2020-14195 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.8.9.jar, jackson-databind-2.6.4.jar, jackson-databind-2.7.5.jar, jackson-databind-2.7.2.jar, jackson-databind-2.7.8.jar jackson-databind-2.8.9.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2018-14718 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.6.4.jar, jackson-databind-2.7.2.jar, jackson-databind-2.8.9.jar, jackson-databind-2.7.5.jar, jackson-databind-2.7.8.jar jackson-databind-2.6.4.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2018-14719 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.7.2.jar, jackson-databind-2.6.4.jar, jackson-databind-2.7.8.jar, jackson-databind-2.7.5.jar, jackson-databind-2.8.9.jar jackson-databind-2.7.2.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2020-36518 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.11.4.jar, jackson-databind-2.6.4.jar, jackson-databind-2.4.5.jar jackson-databind-2.11.4.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency...

## CVE-2019-14379 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.6.4.jar, jackson-databind-2.4.5.jar jackson-databind-2.6.4.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path to dependency file:...

## CVE-2016-10539 - High Severity Vulnerability Vulnerable Library - negotiator-0.5.3.tgz HTTP content negotiation Library home page: https://registry.npmjs.org/negotiator/-/negotiator-0.5.3.tgz Path to dependency file: /samples/dynamic-html/package.json Path to vulnerable library: /samples/dynamic-html/node_modules/negotiator/package.json Dependency Hierarchy: -...

## CVE-2020-14062 - High Severity Vulnerability Vulnerable Libraries - jackson-databind-2.7.8.jar, jackson-databind-2.8.9.jar, jackson-databind-2.7.5.jar, jackson-databind-2.7.2.jar, jackson-databind-2.6.4.jar jackson-databind-2.7.8.jar General data-binding functionality for Jackson: works on core streaming API Library home page: http://github.com/FasterXML/jackson Path...

## CVE-2017-16119 - High Severity Vulnerability Vulnerable Library - fresh-0.3.0.tgz HTTP response freshness testing Library home page: https://registry.npmjs.org/fresh/-/fresh-0.3.0.tgz Path to dependency file: /samples/dynamic-html/package.json Path to vulnerable library: /samples/dynamic-html/node_modules/fresh/package.json Dependency Hierarchy:...