search

carbynestack / castor

Carbyne Stack tuple store for secure multiparty computation
https://carbynestack.io
Apache License 2.0
7 stars 4 forks source link

[Snyk] Security upgrade com.fasterxml.jackson.core:jackson-databind from 2.12.6 to 2.13.4 #41

Closed snyk-bot closed 1 year ago

snyk-bot commented 2 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Upgrade Breaking Change Exploit Maturity
medium severity 688/1000
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.9		 Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424		 com.fasterxml.jackson.core:jackson-databind:
2.12.6 -> 2.13.4
No Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

πŸ›  Adjust project settings

πŸ“š Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

πŸ¦‰ Denial of Service (DoS)

codecov[bot] commented 2 years ago

Codecov Report

Merging #41 (11f5bab) into master (79c4e23) will not change coverage. The diff coverage is n/a.

Additional details and impacted files [![Impacted file tree graph](https://codecov.io/gh/carbynestack/castor/pull/41/graphs/tree.svg?width=650&height=150&src=pr&token=JWqyS02Uok&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=carbynestack)](https://codecov.io/gh/carbynestack/castor/pull/41?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=carbynestack) ```diff @@ Coverage Diff @@ ## master #41 +/- ## ========================================= Coverage 85.88% 85.88% Complexity 349 349 ========================================= Files 61 61 Lines 1275 1275 Branches 81 81 ========================================= Hits 1095 1095 Misses 144 144 Partials 36 36 ``` ------ [Continue to review full report at Codecov](https://codecov.io/gh/carbynestack/castor/pull/41?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=carbynestack). > **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=carbynestack) > `Ξ” = absolute (impact)`, `ΓΈ = not affected`, `? = missing data` > Powered by [Codecov](https://codecov.io/gh/carbynestack/castor/pull/41?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=carbynestack). Last update [79c4e23...11f5bab](https://codecov.io/gh/carbynestack/castor/pull/41?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=carbynestack). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=carbynestack).
strieflin commented 1 year ago

Will be fixed by #42.