奇安信CodeSafe
奇安信CodeSafe
https://github.com/yahoo/fili/blob/97e9e9b5bcd48a2646e28b0eeb9e543a603c1ead/fili-core/src/main/java/com/yahoo/bard/webservice/web/filters/BardLoggingFilter.java#L154 https://github.com/yahoo/fili/blob/97e9e9b5bcd48a2646e28b0eeb9e543a603c1ead/fili-core/src/main/java/com/yahoo/bard/webservice/web/filters/BardLoggingFilter.java#L357 The program can potentially fail to release a system resource.
https://github.com/google/bundletool/blob/f7f5fd2bc6d17e68e349b6611add5566ae2dc720/build.gradle#L45-L46 CVE-2021-22570 CVE-2021-22569 Recommended upgrade version:3.16.1
https://github.com/google/bundletool/blob/f7f5fd2bc6d17e68e349b6611add5566ae2dc720/build.gradle#L59-L60 CVE-2018-1000613 CVE-2018-1000180 CVE-2020-26939 CVE-2017-13098 Recommended upgrade version:1.69
https://github.com/yahoo/mysql_perf_analyzer/blob/94a9292bd4cf07062ec6211e8da9077079db0f79/myperf/pom.xml#L95 CVE-2020-1967 CVE-2020-2934 Recommended upgrade version:8.0.21
https://github.com/yahoo/mysql_perf_analyzer/blob/94a9292bd4cf07062ec6211e8da9077079db0f79/myperf/pom.xml#L42-L51 CVE-2020-5421 Recommended upgrade version: 4.3.28-1
https://github.com/yahoo/mysql_perf_analyzer/blob/94a9292bd4cf07062ec6211e8da9077079db0f79/myperf/pom.xml#L35 CVE-2015-0254 Recommended upgrade version: 1.2.1
https://github.com/yahoo/mysql_perf_analyzer/blob/94a9292bd4cf07062ec6211e8da9077079db0f79/myperf/pom.xml#L63 CVE-2015-1832 CVE-2018-1313 Recommended upgrade version:10.14.2.0
https://github.com/yahoo/mysql_perf_analyzer/blob/94a9292bd4cf07062ec6211e8da9077079db0f79/myperf/pom.xml#L90 CVE-2017-7657 CVE-2017-7658 CVE-2020-27216 Recommended upgrade version:9.3.29.v20201019
The parameter in the request was received at the seventh line in the dbsearch.jsp file and output directly in the page, resulting in a reflective xss vulnerability. 
https://github.com/Optum/dce/blob/5efedfcc89c27b04c3cddf170a9c548a69ad2057/dist/swagger-ui.js#L1 CVE-2019-17495 Recommended upgrade version:3.23.11