Spring-Boot-Application-Template
Spring-Boot-Application-Template copied to clipboard
Published
20 hours ago •
AnanthaRajuC
AnanthaRajuC
[Snyk] Upgrade io.jsonwebtoken:jjwt-jackson from 0.11.2 to 0.11.5
Snyk has created this PR to upgrade io.jsonwebtoken:jjwt-jackson from 0.11.2 to 0.11.5.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 3 versions ahead of your current version.
- The recommended version was released 4 months ago, on 2022-04-28.
The recommended version fixes:
| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
 |
Authorization Bypass SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-2833359 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Proof of Concept |
|
Information Exposure SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Proof of Concept |
|
Remote Code Execution (RCE) SNYK-JAVA-COMH2DATABASE-2331071 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Proof of Concept |
|
XML External Entity (XXE) Injection SNYK-JAVA-COMH2DATABASE-1769238 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Proof of Concept |
|
Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
No Known Exploit |
 |
Integer Overflow or Wraparound SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-2833360 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Proof of Concept |
|
Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-2823313 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
No Known Exploit |
 |
Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-2689634 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Proof of Concept |
 |
Remote Code Execution SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Mature |
|
Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-2434828 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
No Known Exploit |
|
Remote Code Execution (RCE) SNYK-JAVA-COMH2DATABASE-2348247 |
731/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.2 |
Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
