rednavis / vaadin-showcase

Showcase application of Vaadin and Java EE backend
GNU General Public License v3.0

[Snyk] Upgrade org.postgresql:postgresql from 42.2.9 to 42.2.20.jre7 #36

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to upgrade org.postgresql:postgresql from 42.2.9 to 42.2.20.jre7.

Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | XML External Entity (XXE) Injection, SNYK-JAVA-ORGPOSTGRESQL-571481 | 635/1000 (Why? Has a fix available, CVSS 8.2) | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

codecov[bot] commented 3 years ago

Codecov Report

Merging #36 (c966b9b) into master (aab4380) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##           master      #36   +/-   ##
=======================================
  Coverage   38.62%   38.62%           
=======================================
  Files          10       10           
  Lines         145      145           
  Branches       19       19           
=======================================
  Hits           56       56           
  Misses         84       84           
  Partials        5        5           
