spotify / docker-client

INACTIVE: A simple docker client for the JVM

Apache License 2.0

1.43k stars 548 forks source link

[Snyk] Security upgrade org.bouncycastle:bcpkix-jdk15on from 1.60 to 1.61 #1205

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- pom.xml

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Information Exposure SNYK-JAVA-ORGBOUNCYCASTLE-1035561	`org.bouncycastle:bcpkix-jdk15on:` `1.60 -> 1.61`	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

codecov[bot] commented 3 years ago

Codecov Report

Merging #1205 into master will decrease coverage by 0.12%. The diff coverage is n/a.

@@             Coverage Diff              @@
##             master    #1205      +/-   ##
============================================
- Coverage     68.17%   68.04%   -0.13%     
+ Complexity      799      797       -2     
============================================
  Files           181      181              
  Lines          3918     3918              
  Branches        410      410              
============================================
- Hits           2671     2666       -5     
- Misses         1077     1081       +4     
- Partials        170      171       +1