search

ging / fiware-draco

The Draco Generic Enabler is an alternative data persistence mechanism for managing the history of context. It is based on Apache NiFi and is a dataflow system based on the concepts of flow-based programming. It supports powerful and scalable directed graphs of data routing, transformation, and system mediation logic and also offers an intuitive graphical interface
https://fiware-draco.readthedocs.io/en/latest/
Apache License 2.0
20 stars 14 forks source link

[Snyk] Fix for 37 vulnerabilities #40

Closed sonsoleslp closed 3 years ago

sonsoleslp commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Upgrade Breaking Change Exploit Maturity
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736		 No Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207		 No Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917		 No Mature
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015		 No Mature
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451		 No Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094		 No Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106		 No Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762		 No Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585		 No Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72882		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72883		 No No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72884		 No No Known Exploit
low severity Information Exposure
SNYK-JAVA-COMMONSCODEC-561518		 org.apache.nifi:nifi-database-utils:
1.10.0 -> 1.12.0
No No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-ORGAPACHECOMMONS-460507		 No No Known Exploit
medium severity Information Exposure
SNYK-JAVA-ORGAPACHENIFI-534979		 No No Known Exploit
high severity Information Exposure
SNYK-JAVA-ORGAPACHENIFI-548592		 org.apache.nifi:nifi-database-utils:
1.10.0 -> 1.12.0
No No Known Exploit
high severity Information Exposure
SNYK-JAVA-ORGBOUNCYCASTLE-1035561		 No No Known Exploit

Vulnerabilities that could not be fixed

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic