HelenParr

Hi, @Christewart , @benthecarman , I'd like to report a vulnerability issue in **org.bitcoin-s__bitcoin-s-tor_2.13_1.9.0**. ### Issue Description **org.bitcoin-s__bitcoin-s-tor_2.13_1.9.0** directly or transitively depends on ***4*** C libraries (.so). However, I noticed...

The known vulnerabilities in the shared library which AndroidDocumentScanner depends on.Can you help upgrade to patch versions?

1

Hi, @mayuce , @shahawi , I'd like to report a vulnerability issue in **io.github.mayuce:AndroidDocumentScanner:1.6.1**. ### Issue Description **io.github.mayuce:AndroidDocumentScanner:1.6.1** directly or transitively depends on ***7*** C libraries (.so) cross many platforms(such...

Hi, @cjbrooks12 , @singularsyntax , I'd like to report a vulnerability issue in **io.github.javaeden.orchid:OrchidCore:v0.3.12**. ### Issue Description I noticed that **io.github.javaeden.orchid:OrchidCore:v0.3.12** directly depends on **io.bit3:jsass_5.5.3**. As shown in the following...

Hi, @regadas , @richwhitjr , I'd like to report a vulnerable dependency in **com.spotify:featran-spark_2.12:0.8.0-RC2**. ### Issue Description I noticed that **com.spotify:featran-spark_2.12:0.8.0-RC2** directly depends on **org.apache.spark:spark-core_2.12:3.1.1** in the [pom](https://repo1.maven.org/maven2/com/spotify/featran-spark_2.12/0.8.0-RC2/featran-spark_2.12-0.8.0-RC2.pom). However, as...

Hi, @oalam, @MiniPlayer , I'd like to report a vulnerability issue in **com.hurence.logisland:logisland-utils:1.4.0**. ### Issue Description I noticed that **com.hurence.logisland:logisland-utils:1.4.0** directly depends on **com.github.luben:zstd-jni:v1.4.5-6** in the [pom](https://repo1.maven.org/maven2/com/hurence/logisland/logisland-utils/1.4.0/logisland-utils-1.4.0.pom). However, as shown...

Vulnerable shared library might make glow-spark3 vulnerable. Can you help upgrade to patch versions?

4

Hi, @karenfeng , @henrydavidge , I'd like to report a vulnerable dependency in **io.projectglow:glow-spark3_2.12:1.1.2**. ### Issue Description I noticed that **io.projectglow:glow-spark3_2.12:1.1.2** directly depends on **org.apache.spark:spark-core_2.12:3.1.2** in the [pom](https://repo1.maven.org/maven2/io/projectglow/glow-spark3_2.12/1.1.2/glow-spark3_2.12-1.1.2.pom). However, as...

Several vulnerabilities in the shared library which data-migration depends on. Could you help upgrade to patch versions?

1

Hi, @melowe , @namtruong , I'd like to report a vulnerability issue in **com.jpmorgan.quorum:data-migration:0.11**. ### Issue Description **com.jpmorgan.quorum:data-migration:0.11** directly or transitively depends on ***30*** C libraries (.so) cross many platforms(such...

The known vulnerability in the shared library zstd which timeshape-builder depends on.Can you help upgrade to patch versions?

1

Hi, @RomanIakovlev , @juarezr , I'd like to report a vulnerability issue in **net.iakovlev:timeshape-builder:1.0**. ### Issue Description I noticed that **net.iakovlev:timeshape-builder:1.0** directly depends on **com.github.luben:zstd-jni:v1.4.5-5** in the [pom](https://repo1.maven.org/maven2/net/iakovlev/timeshape-builder/1.0/timeshape-builder-1.0.pom). However, as...

Hi, @fangjinuo , I'd like to report a vulnerability issue in **com.github.fangjinuo.langx:langx-java-gmssl:4.1.0**. ### Issue Description **com.github.fangjinuo.langx:langx-java-gmssl:4.1.0** directly depends on ***2*** C libraries (.so). However, I noticed that one C library...

Potential secutiry vulnerability in the C library may invoked by Java code of JPPF. Could you help upgrade the vulnerble dependency?

3

Hi, @lolocohen, I'd like to report a vulnerability issue in **org.jppf:jppf-common:6.3-alpha**. ### Issue Description I noticed that **org.jppf:jppf-common:6.3-alpha** directly depends on **org.lz4:lz4-java:1.6.0**. As shown in the following dependency graph. However,...