io.jsonwebtoken:jjwt: 0.9.1 -> 0.12.0 Major version upgradeNo Known Exploit
Vulnerabilities that could not be fixed
Upgrade:
Could not upgrade org.springframework.boot:spring-boot-starter-web@2.7.1 to org.springframework.boot:spring-boot-starter-web@3.1.0; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/2.7.1/spring-boot-dependencies-2.7.1.pom
[!IMPORTANT]
Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.
Note:You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.
Snyk changed the following file(s):
pom.xmlVulnerabilities that will be fixed with an upgrade:
SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538
0.9.1->0.12.0Major version upgradeNo Known ExploitVulnerabilities that could not be fixed
org.springframework.boot:spring-boot-starter-web@2.7.1toorg.springframework.boot:spring-boot-starter-web@3.1.0; Reasoncould not apply upgrade, dependency is managed externally; Location:https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/2.7.1/spring-boot-dependencies-2.7.1.pomNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
π§ View latest project report
π Customise PR templates
π Adjust project settings
π Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
π¦ Denial of Service (DoS)