feat: Update dependencies in hale-platform to resolve security issues #19
emanuelaepure10Annotations
10 errors
|
171.[CRITICAL] CVE-2021-23463:
171#L1
XXE injection vulnerability
|
|
171.[CRITICAL] CVE-2021-42392:
171#L1
h2: Remote Code Execution in Console
|
|
171.[CRITICAL] CVE-2022-23221:
171#L1
Loading of custom classes from remote servers through JNDI
|
|
1.[CRITICAL] CVE-2017-11467:
1#L1
OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection
|
|
5.[CRITICAL] CVE-2013-7285:
5#L1
XStream: remote code execution due to insecure XML deserialization
|
|
5.[CRITICAL] CVE-2021-21342:
5#L1
XStream: SSRF via crafted input stream
|
|
5.[CRITICAL] CVE-2021-21344:
5#L1
XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet
|
|
5.[CRITICAL] CVE-2021-21345:
5#L1
XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry
|
|
5.[CRITICAL] CVE-2021-21346:
5#L1
XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue
|
|
5.[CRITICAL] CVE-2021-21347:
5#L1
XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator
|
Artifacts
Produced during runtime
| Name | Size | |
|---|---|---|
|
Vulnerability report (HTML)
Expired
|
848 KB |
|