search

carbynestack / castor

Carbyne Stack tuple store for secure multiparty computation
https://carbynestack.io
Apache License 2.0
7 stars 4 forks source link

[Snyk] Security upgrade com.fasterxml.jackson.core:jackson-databind from 2.12.6 to 2.13.2.1 #28

Closed snyk-bot closed 1 year ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Upgrade Breaking Change Exploit Maturity
high severity 661/1000
Why? Recently disclosed, Has a fix available, CVSS 7.5		 Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244		 com.fasterxml.jackson.core:jackson-databind:
2.12.6 -> 2.13.2.1
No No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

πŸ›  Adjust project settings

πŸ“š Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

πŸ¦‰ Learn about vulnerability in an interactive lesson of Snyk Learn.

codecov[bot] commented 2 years ago

Codecov Report

Merging #28 (bde853e) into master (0b1c113) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##             master      #28   +/-   ##
=========================================
  Coverage     85.47%   85.47%           
  Complexity      336      336           
=========================================
  Files            61       61           
  Lines          1212     1212           
  Branches         80       80           
=========================================
  Hits           1036     1036           
  Misses          142      142           
  Partials         34       34

Continue to review full report at Codecov.

Legend - Click here to learn more Ξ” = absolute <relative> (impact), ΓΈ = not affected, ? = missing data Powered by Codecov. Last update 0b1c113...bde853e. Read the comment docs.

github-actions[bot] commented 1 year ago

This PR has been marked stale because it has been open for 90 days with no activity. It will be automatically closed in 30 days if no further activity occurs.

strieflin commented 1 year ago

Will be fixed by #42.