apollo icon indicating copy to clipboard operation
apollo copied to clipboard

Published 20 hours ago verified publisher icon logzio

[Snyk] Upgrade org.eclipse.jetty.websocket:javax-websocket-server-impl from 9.4.5.v20170502 to 9.4.30.v20200611

Open snyk-bot opened this issue 3 years ago • 0 comments

Snyk has created this PR to upgrade org.eclipse.jetty.websocket:javax-websocket-server-impl from 9.4.5.v20170502 to 9.4.30.v20200611.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
  • The recommended version is 35 versions ahead of your current version.
  • The recommended version was released 2 months ago, on 2020-06-11.

The recommended version fixes:

Severity Issue Exploit Maturity
Authorization Bypass
SNYK-JAVA-ORGECLIPSEJETTY-32384		 No Known Exploit
Timing Attack
SNYK-JAVA-ORGECLIPSEJETTY-32151		 No Known Exploit
Cache Poisoning
SNYK-JAVA-ORGECLIPSEJETTY-460763		 No Known Exploit
Authorization Bypass
SNYK-JAVA-ORGECLIPSEJETTY-32385		 No Known Exploit
Session Hijacking
SNYK-JAVA-ORGECLIPSEJETTY-32381		 No Known Exploit
Cache Poisoning
SNYK-JAVA-ORGECLIPSEJETTY-32383		 No Known Exploit
GPL-2.0 license
snyk:lic:maven:mysql:mysql-connector-java:GPL-2.0		 No Data
LGPL-2.1 license
snyk:lic:maven:org.mariadb.jdbc:mariadb-java-client:LGPL-2.1		 No Data
LGPL-2.0 license
snyk:lic:maven:org.hibernate:hibernate-entitymanager:LGPL-2.0		 No Data
LGPL-2.0 license
snyk:lic:maven:org.hibernate:hibernate-c3p0:LGPL-2.0		 No Data
EPL-1.0 license
snyk:lic:maven:org.hibernate.javax.persistence:hibernate-jpa-2.1-api:EPL-1.0		 No Data
LGPL-2.0 license
snyk:lic:maven:org.hibernate.common:hibernate-commons-annotations:LGPL-2.0		 No Data
EPL-1.0 license
snyk:lic:maven:junit:junit:EPL-1.0		 No Data
Dual license: LGPL-2.1, EPL-1.0
snyk:lic:maven:com.mchange:mchange-commons-java:(LGPL-2.1_OR_EPL-1.0)		 No Data
LGPL-2.0 license
snyk:lic:maven:org.hibernate:hibernate-core:LGPL-2.0		 No Data
Information Exposure
SNYK-JAVA-ORGECLIPSEJETTY-461008		 No Known Exploit
Information Exposure
SNYK-JAVA-ORGECLIPSEJETTY-461009		 No Known Exploit
Information Exposure
SNYK-JAVA-ORGECLIPSEJETTY-174560		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-ORGECLIPSEJETTY-174011		 No Known Exploit
Dual license: LGPL-2.1, EPL-1.0
snyk:lic:maven:com.mchange:c3p0:(LGPL-2.1_OR_EPL-1.0)		 No Data
Dual license: EPL-1.0, LGPL-2.0
snyk:lic:maven:ch.qos.logback:logback-classic:(EPL-1.0_OR_LGPL-2.0)		 No Data
Dual license: EPL-1.0, LGPL-2.0
snyk:lic:maven:ch.qos.logback:logback-core:(EPL-1.0_OR_LGPL-2.0)		 No Data

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

snyk-bot avatar Aug 06 '20 03:08 snyk-bot