(*) Note that the real score may have changed since the PR was raised.
Vulnerabilities that could not be fixed
Upgrade:
Could not upgrade org.apache.struts:struts2-junit-plugin@2.3.20 to org.apache.struts:struts2-junit-plugin@2.5; Reason failed to apply upgrade ; Location: file://pom.xml
Check the changes in this PR to ensure they won't cause issues with your project.
Note:You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 2.9
SNYK-JAVA-JUNIT-1017047
junit:junit:4.8.2 -> 4.13.1Why? Has a fix available, CVSS 4.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-2329097
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 4.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-2330878
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 7.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-30157
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 6.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-30160
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 3.7
SNYK-JAVA-ORGSPRINGFRAMEWORK-30161
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 6.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-30162
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 8.8
SNYK-JAVA-ORGSPRINGFRAMEWORK-30163
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 4.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-30167
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 6.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-31324
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-31325
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 7.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-31329
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 6.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-31330
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 6.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-31331
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGSPRINGFRAMEWORK-31332
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 4.3
SNYK-JAVA-ORGSPRINGFRAMEWORK-31512
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASEWhy? Has a fix available, CVSS 5.9
SNYK-JAVA-ORGSPRINGFRAMEWORK-32202
org.springframework:spring-webmvc-portlet:3.0.5.RELEASE -> 4.3.15.RELEASE(*) Note that the real score may have changed since the PR was raised.
Vulnerabilities that could not be fixed
org.apache.struts:struts2-junit-plugin@2.3.20toorg.apache.struts:struts2-junit-plugin@2.5; Reasonfailed to apply upgrade; Location:file://pom.xmlCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Directory Traversal 🦉 Cross-site Scripting (XSS) 🦉 Cross-site Scripting (XSS) 🦉 More lessons are available in Snyk Learn