-
Bug
-
Resolution: Done
-
Medium
-
Istanbul Release
-
None
so
| Status | Priority | Component name and version | CVE | Threat level | Recommended version | Project’s assessment |
| CLOSED | 1 | com.fasterxml.jackson.core : jackson-databind : 2.9.8 | SONATYPE-2017-0312 CVE-2019-12086 CVE-2020-25649 |
8 7 7 |
2.12.1 | Fixed |
| CLOSED | 1 | commons-io : commons-io : 2.5 | SONATYPE-2018-0705 CVE-2021-29425 |
7 5 |
2.8.0 | Fixed |
| Log4j : log4j : 1.2.17 | CVE-2019-17571 SONATYPE-2010-0053 |
9 7 |
org.apache.logging.log4j : log4j-core 2.14.1 | |||
| OPEN | 1 | org.apache.tomcat : tomcat-catalina : 9.0.30 | CVE-2020-9484 CVE-2021-24122 |
7 5 |
10.0.5 | |
| CLOSED | 1 | org.springframework : spring-web : 5.1.7.RELEASE | CVE-2016-1000027 | 9 | 5.2.14.RELEASE | Fixed |
| CLOSED | 1 | org.springframework.data : spring-data-rest-hal-browser : 3.3.6.RELEASE | SONATYPE-2019-0115 CVE-2018-14042 CVE-2019-8331 SONATYPE-2014-0026 SONATYPE-2020-0187 SONATYPE-2016-0129 |
9 6 6 6 6 5 |
3.3.9.RELEASE | Fixed |
| CLOSED | 1 | org.springframework.security : spring-security-web : 5.3.6.RELEASE |
CVE-2021-22112 SONATYPE-2020-1270 SONATYPE-2019-0341 |
8 5 5 |
5.4.6 | Fixed |
| CLOSED | 2 | commons-codec : commons-codec : 1.9 | SONATYPE-2012-0050 | 5 | 1.15 | Fixed |
| OPEN | 2 | org.exist-db.thirdparty.xerces : xercesImpl : 2.12.0 | SONATYPE-2017-0348 | 5 | 2.12.1 | Its in-direct dependency from com.consol.citrus:citrus-core:jar:2.8.0 |
| OPEN | 2 | org.glassfish.jersey.core : jersey-common : 2.22.1 | CVE-2021-28168 | 5 | 3.0.2 | Its in-direct dependency from jersey-server |
| OPEN | 2 | org.glassfish.jersey.core : jersey-common : 2.30.1 | CVE-2021-28168 | 5 | 3.0.2 | Its in-direct dependency from jersey-server |