terrakube icon indicating copy to clipboard operation
terrakube copied to clipboard
verified publisher icon AzBuilder

[Snyk] Security upgrade org.mock-server:mockserver-spring-test-listener from 5.13.2 to 5.15.0

Open alfespa17 opened this issue 1 year ago • 1 comments

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to fix 4 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

  • registry/pom.xml

Vulnerabilities that will be fixed with an upgrade:

Issue Score Upgrade
high severity Arbitrary Code Execution
SNYK-JAVA-ORGAPACHECOMMONS-3043138		   630   org.mock-server:mockserver-spring-test-listener:
5.13.2 -> 5.15.0
No Path Found Proof of Concept
medium severity Uncontrolled Resource Consumption ('Resource Exhaustion')
SNYK-JAVA-ORGBOUNCYCASTLE-6084022		   425   org.mock-server:mockserver-spring-test-listener:
5.13.2 -> 5.15.0
No Path Found No Known Exploit
medium severity Allocation of Resources Without Limits or Throttling
SNYK-JAVA-ORGBOUNCYCASTLE-6613080		   415   org.mock-server:mockserver-spring-test-listener:
5.13.2 -> 5.15.0
No Path Found No Known Exploit
medium severity Information Exposure
SNYK-JAVA-ORGBOUNCYCASTLE-5771339		   385   org.mock-server:mockserver-spring-test-listener:
5.13.2 -> 5.15.0
No Path Found No Known Exploit

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Arbitrary Code Execution 🦉 Uncontrolled Resource Consumption ('Resource Exhaustion') 🦉 Allocation of Resources Without Limits or Throttling

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"org.mock-server:mockserver-spring-test-listener","from":"5.13.2","to":"5.15.0"}],"env":"prod","issuesToFix":[{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-ORGAPACHECOMMONS-3043138","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Arbitrary Code Execution"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-5771339","priority_score":385,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"4.7","score":235},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-6084022","priority_score":425,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.5","score":275},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-6613080","priority_score":415,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Allocation of Resources Without Limits or Throttling"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-5771339","priority_score":385,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"4.7","score":235},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-6084022","priority_score":425,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.5","score":275},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-6613080","priority_score":415,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Allocation of Resources Without Limits or Throttling"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-5771339","priority_score":385,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"4.7","score":235},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Information Exposure"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-6084022","priority_score":425,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.5","score":275},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-ORGBOUNCYCASTLE-6613080","priority_score":415,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Allocation of Resources Without Limits or Throttling"}],"prId":"fbd01884-fff7-4153-b4c4-675c249302a9","prPublicId":"fbd01884-fff7-4153-b4c4-675c249302a9","packageManager":"maven","priorityScoreList":[630,385,425,415],"projectPublicId":"0f7dc941-021b-4270-9776-aa1db845f13d","projectUrl":"https://app.snyk.io/org/azbuilder/project/0f7dc941-021b-4270-9776-aa1db845f13d?utm_source=github&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["updated-fix-title","priorityScore"],"type":"auto","upgrade":["SNYK-JAVA-ORGAPACHECOMMONS-3043138","SNYK-JAVA-ORGBOUNCYCASTLE-5771339","SNYK-JAVA-ORGBOUNCYCASTLE-6084022","SNYK-JAVA-ORGBOUNCYCASTLE-6613080"],"vulns":["SNYK-JAVA-ORGAPACHECOMMONS-3043138","SNYK-JAVA-ORGBOUNCYCASTLE-5771339","SNYK-JAVA-ORGBOUNCYCASTLE-6084022","SNYK-JAVA-ORGBOUNCYCASTLE-6613080"],"patch":[],"isBreakingChange":false,"remediationStrategy":"vuln"}'

alfespa17 avatar Jun 24 '24 00:06 alfespa17

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarqubecloud[bot] avatar Jun 24 '24 00:06 sonarqubecloud[bot]

Duplicated of #1062

alfespa17 avatar Aug 05 '24 19:08 alfespa17