[Snyk] Fix for 8 vulnerabilities

Open snyk-bot opened this issue 4 years ago • 0 comments

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- pom.xml

Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity
399/1000 Why? Has a fix available, CVSS 3.7	Information Exposure SNYK-JAVA-COMMONSCODEC-561518	`org.eclipse.jgit:org.eclipse.jgit:` `4.5.0.201609210915-r -> 5.1.0.201809111528-r`	No	No Known Exploit
479/1000 Why? Has a fix available, CVSS 5.3	Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-174560	`com.sparkjava:spark-core:` `2.7.2 -> 2.9.1`	No	No Known Exploit
654/1000 Why? Has a fix available, CVSS 8.8	Session Hijacking SNYK-JAVA-ORGECLIPSEJETTY-32381	`com.sparkjava:spark-core:` `2.7.2 -> 2.9.1`	No	No Known Exploit
589/1000 Why? Has a fix available, CVSS 7.5	Web Cache Poisoning SNYK-JAVA-ORGECLIPSEJETTY-32383	`com.sparkjava:spark-core:` `2.7.2 -> 2.9.1`	No	No Known Exploit
704/1000 Why? Has a fix available, CVSS 9.8	Authorization Bypass SNYK-JAVA-ORGECLIPSEJETTY-32385	`com.sparkjava:spark-core:` `2.7.2 -> 2.9.1`	No	No Known Exploit
589/1000 Why? Has a fix available, CVSS 7.5	Web Cache Poisoning SNYK-JAVA-ORGECLIPSEJETTY-460763	`com.sparkjava:spark-core:` `2.7.2 -> 2.9.1`	No	No Known Exploit
479/1000 Why? Has a fix available, CVSS 5.3	Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-461008	`com.sparkjava:spark-core:` `2.7.2 -> 2.9.1`	No	No Known Exploit
479/1000 Why? Has a fix available, CVSS 5.3	Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-461009	`com.sparkjava:spark-core:` `2.7.2 -> 2.9.1`	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

Jan 12 '22 16:01 snyk-bot