Closed snyk-bot closed 2 years ago
org.hibernate:hibernate-core:
4.0.1.Final -> 5.4.24.Final
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
org.json:json:
20131018 -> 20180130
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Deserialization of Untrusted Data 🦉 Deserialization of Untrusted Data 🦉 SQL Injection 🦉 More lessons are available in Snyk Learn
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Mature exploit, Has a fix available, CVSS 9.8
SNYK-JAVA-COMMONSCOLLECTIONS-30078
org.hibernate:hibernate-core:
4.0.1.Final -> 5.4.24.Final
Why? Proof of Concept exploit, Has a fix available, CVSS 5.6
SNYK-JAVA-COMMONSCOLLECTIONS-472711
org.hibernate:hibernate-core:
4.0.1.Final -> 5.4.24.Final
Why? Has a fix available, CVSS 8.6
SNYK-JAVA-IOUNDERTOW-1012559
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-IOUNDERTOW-1304915
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-IOUNDERTOW-174583
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-IOUNDERTOW-2391283
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why?
SNYK-JAVA-IOUNDERTOW-2847922
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 9.8
SNYK-JAVA-IOUNDERTOW-451626
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 4.8
SNYK-JAVA-IOUNDERTOW-471684
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Mature exploit, Has a fix available, CVSS 8.3
SNYK-JAVA-IOUNDERTOW-567770
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-IOUNDERTOW-568918
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 7.6
SNYK-JAVA-IOUNDERTOW-570455
io.undertow:undertow-core:
2.0.9.Final -> 2.2.15.Final
Why? Has a fix available, CVSS 6.3
SNYK-JAVA-MYSQL-174574
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Proof of Concept exploit, Has a fix available, CVSS 5.9
SNYK-JAVA-MYSQL-1766958
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Has a fix available, CVSS 6.6
SNYK-JAVA-MYSQL-2386864
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Has a fix available, CVSS 8.5
SNYK-JAVA-MYSQL-31399
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Has a fix available, CVSS 3.3
SNYK-JAVA-MYSQL-31449
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Has a fix available, CVSS 6.4
SNYK-JAVA-MYSQL-31580
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Mature exploit, Has a fix available, CVSS 5.4
SNYK-JAVA-MYSQL-451460
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Has a fix available, CVSS 8.8
SNYK-JAVA-MYSQL-451464
mysql:mysql-connector-java:
5.1.26 -> 8.0.28
Why? Has a fix available, CVSS 5.6
SNYK-JAVA-ORGAPACHETOMCAT-1017114
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGAPACHETOMCAT-1316668
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGAPACHETOMCAT-1728262
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-ORGAPACHETOMCAT-1728263
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Currently trending on Twitter, Mature exploit, Has a fix available, CVSS 8.3
SNYK-JAVA-ORGAPACHETOMCAT-551990
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Currently trending on Twitter, Mature exploit, Has a fix available, CVSS 8.3
SNYK-JAVA-ORGAPACHETOMCAT-551994
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JAVA-ORGAPACHETOMCAT-574692
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGAPACHETOMCAT-584421
org.apache.tomcat:tomcat-coyote:
9.0.22 -> 9.0.48
Why? Has a fix available, CVSS 8.2
SNYK-JAVA-ORGHIBERNATE-1041788
org.hibernate:hibernate-core:
4.0.1.Final -> 5.4.24.Final
Why? Has a fix available, CVSS 8.1
SNYK-JAVA-ORGHIBERNATE-584563
org.hibernate:hibernate-core:
4.0.1.Final -> 5.4.24.Final
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5
SNYK-JAVA-ORGJSON-2841369
org.json:json:
20131018 -> 20180130
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Deserialization of Untrusted Data 🦉 Deserialization of Untrusted Data 🦉 SQL Injection 🦉 More lessons are available in Snyk Learn