-
-
CVE-2023-31418 - currently not available (yet?) in [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-31418) but found and fixed by Elasticsearch:
https://discuss.elastic.co/t/elasticsearch-8-9-0-7-17-1…
-
**Vulnerability URL**
https://ossindex.sonatype.org/vulnerability/sonatype-2020-0926?component-type=maven&component-name=com.google.guava/guava
**Component URL**
https://ossindex.sonatype.org/com…
-
ossindex-public/ossindex-service-client `v1.8.1` is using a version of `gson` library which is vulnerable to CVE-2022-25647. The issue is fixed in gson v2.8.9+
See https://security.snyk.io/vuln/SNY…
-
**Vulnerability URL**
**Description**
```text
pkg:npm/canvas@2.10.0 - 1 vulnerability found!
Vulnerability Title: 1 vulnerability found
ID: sonatype-2019-0142
Description: 1 non…
-
We will (soon :crossed_fingers:) have [`jake`](https://github.com/sonatype-nexus-community/jake) [available from `conda-forge`](https://github.com/conda-forge/jake-feedstock), which, despite its serpe…
-
The dependency
```
commons-validator
1.6
test
```
pulls in what seems to be a vulnerable version of commons-beanutils as…
-
https://ossindex.sonatype.org/vulnerability/CVE-2020-7731?component-type=golang&component-name=github.com%2Frussellhaering%2Fgosaml2
> This affects all versions of package github.com/russellhaering…
-
OSSIndex marks phantomjs-prebuilt@2.1.16 with a vulnerability but the npm advisory links to phantomjs-cheniu
https://ossindex.sonatype.org/component/pkg:npm/phantomjs-prebuilt@2.1.16
https://www.n…
-
## Version **2.2.2** of [auditjs](https://github.com/OSSIndex/auditjs) just got published.
Branch
Build failing 🚨
Dependency
audi…