Update dependency org.owasp.esapi:esapi to v2.5.2.0 (log4j-fix) - Githubissues

tabacmend / Java-Demo-old

Apache License 2.0

0 stars 0 forks source link

Update dependency org.owasp.esapi:esapi to v2.5.2.0 (log4j-fix) #78

Open mend-for-github-com[bot] opened 1 year ago

mend-for-github-com[bot] commented 1 year ago

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.owasp.esapi:esapi (source)	`2.1.0.1` -> `2.5.2.0`

By merging this PR, the issue #83 will be automatically resolved and closed:

Severity	CVSS Score	CVE
Critical	9.8	CVE-2016-1000031
Critical	9.8	CVE-2022-23457
High	7.5	CVE-2016-3092
High	7.5	CVE-2023-24998
High	7.5	WS-2014-0034
High	7.3	CVE-2014-0107
Medium	6.1	CVE-2016-10006
Medium	6.1	CVE-2017-14735
Medium	6.1	CVE-2021-35043
Medium	6.1	CVE-2022-24891
Medium	6.1	CVE-2022-28367
Medium	6.1	CVE-2022-29577
Medium	4.8	CVE-2012-5783
Medium	4.8	CVE-2021-29425

[ ] If you want to rebase/retry this PR, check this box