ff4j-samples
ff4j-samples copied to clipboard
ff4j
[Snyk] Security upgrade com.amazonaws:aws-java-sdk-dynamodb from 1.11.507 to 1.12.771
Snyk has created this PR to fix 54 vulnerabilities in the maven dependencies of this project.
Snyk changed the following file(s):
-
spring-boot-1x/ff4j-sample-dynamodb/pom.xml
Vulnerabilities that will be fixed with an upgrade:
| Issue | Score | Upgrade | |
|---|---|---|---|
 |
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917 |
705 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Mature |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015 |
675 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Mature |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664 |
630 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538 |
585 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316 |
563 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-6056407 |
555 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244 |
525 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329 |
525 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
|
Allocation of Resources Without Limits or Throttling SNYK-JAVA-SOFTWAREAMAZONION-6153869 |
525 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
 |
Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424 |
520 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426 |
520 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207 |
520 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found Proof of Concept |
|
Directory Traversal SNYK-JAVA-COMAMAZONAWS-2952700 |
475 | com.amazonaws:aws-java-sdk-dynamodb: 1.11.507 -> 1.12.771 No Path Found No Known Exploit |
[!IMPORTANT]
- Check the changes in this PR to ensure they won't cause issues with your project.
- Max score is 1000. Note that the real score may have changed since the PR was raised.
- This PR was automatically created by Snyk using the credentials of a real user.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Directory Traversal 🦉 Deserialization of Untrusted Data 🦉 Denial of Service (DoS) 🦉 More lessons are available in Snyk Learn
[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"com.amazonaws:aws-java-sdk-dynamodb","from":"1.11.507","to":"1.12.771"}],"env":"prod","issuesToFix":[{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMAMAZONAWS-2952700","priority_score":475,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"6.5","score":325},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Directory Traversal"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244","priority_score":525,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424","priority_score":520,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Denial of Service (DoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426","priority_score":520,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Denial of Service (DoS)"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207","priority_score":520,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"5.9","score":295},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Mature","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917","priority_score":705,"priority_score_factors":[{"type":"exploit","label":"High","score":150},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Mature","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015","priority_score":675,"priority_score_factors":[{"type":"exploit","label":"Functional","score":120},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316","priority_score":563,"priority_score_factors":[{"type":"exploit","label":"Unproven","score":8},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-6056407","priority_score":555,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"Proof of Concept","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664","priority_score":630,"priority_score_factors":[{"type":"exploit","label":"Proof of Concept","score":75},{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.1","score":405},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Deserialization of Untrusted Data"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538","priority_score":585,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"8.7","score":435},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329","priority_score":525,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Denial of Service (DoS)"},{"exploit_maturity":"No Known Exploit","id":"SNYK-JAVA-SOFTWAREAMAZONION-6153869","priority_score":525,"priority_score_factors":[{"type":"fixability","label":true,"score":150},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Allocation of Resources Without Limits or Throttling"}],"prId":"3d058397-a55b-4ee8-8a63-e8f5b309681e","prPublicId":"3d058397-a55b-4ee8-8a63-e8f5b309681e","packageManager":"maven","priorityScoreList":[475,563,563,555,555,630,563,630,563,630,563,630,630,563,563,630,630,555,630,525,520,520,520,705,555,555,675,563,555,555,555,555,555,630,630,630,630,563,563,563,630,563,563,563,563,563,563,563,563,555,630,585,525,525],"projectPublicId":"405a94f1-2700-40d2-b5af-7affcfe124fb","projectUrl":"https://app.snyk.io/org/clun/project/405a94f1-2700-40d2-b5af-7affcfe124fb?utm_source=github&utm_medium=referral&page=fix-pr","prType":"fix","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["updated-fix-title","priorityScore"],"type":"auto","upgrade":["SNYK-JAVA-COMAMAZONAWS-2952700","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931","SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736","SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244","SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424","SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426","SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207","SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917","SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617","SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014","SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015","SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016","SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674","SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676","SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943","SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980","SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500","SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451","SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094","SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106","SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762","SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587","SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887","SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888","SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625","SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300","SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314","SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316","SNYK-JAVA-COMFASTERXMLJACKSONCORE-6056407","SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664","SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538","SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329","SNYK-JAVA-SOFTWAREAMAZONION-6153869"],"vulns":["SNYK-JAVA-COMAMAZONAWS-2952700","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427","SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931","SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736","SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244","SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424","SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426","SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207","SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917","SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617","SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014","SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015","SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016","SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674","SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676","SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943","SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980","SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500","SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451","SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094","SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106","SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762","SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586","SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587","SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887","SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888","SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625","SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300","SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314","SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316","SNYK-JAVA-COMFASTERXMLJACKSONCORE-6056407","SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664","SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538","SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-1047329","SNYK-JAVA-SOFTWAREAMAZONION-6153869"],"patch":[],"isBreakingChange":false,"remediationStrategy":"vuln"}'
