feat: Update dependencies in hale-platform to resolve security issues · halestudio/hale-platform@28a402e

Triggered via pull request November 24, 2023 14:38

emanuelaepure10

synchronize #50

emanuelaepure10:feat/ING-4067

Status Failure

Total duration 17m 36s

Artifacts 1

check.yml

on: pull_request

check / run

17m 26s

Annotations

10 errors and 1 warning

13.[CRITICAL] CVE-2017-5929: 13#L1

logback: Serialization vulnerability in SocketServer and ServerSocketReceiver

13.[CRITICAL] CVE-2017-5929: 13#L1

logback: Serialization vulnerability in SocketServer and ServerSocketReceiver

171.[CRITICAL] CVE-2021-42392: 171#L1

h2: Remote Code Execution in Console

171.[CRITICAL] CVE-2022-23221: 171#L1

Loading of custom classes from remote servers through JNDI

1.[CRITICAL] CVE-2017-11467: 1#L1

OrientDB vulnerable to Improper Privilage Management leading to arbitrary command injection

7.[CRITICAL] CVE-2016-6809: 7#L1

tika: Native deserialization of Java objects in matlab files

0.[CRITICAL] CVE-2023-25158: 0#L1

GeoTools OGC Filter SQL Injection Vulnerabilities

1.[CRITICAL] CVE-2022-41853: 1#L1

Untrusted input may lead to RCE attack

10.[CRITICAL] CVE-2014-4172: 10#L1

cas-client: Bypass of security constraints via URL parameter injection

RELEASE.[CRITICAL] CVE-2022-22978: RELEASE#L1

Authorization Bypass in RegexRequestMatcher

check / run

No files were found with the provided path: build/reports/tests. No artifacts will be uploaded.

Artifacts

Produced during runtime

Name	Size
Vulnerability report (HTML) Expired	320 KB

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: Update dependencies in hale-platform to resolve security issues #40

Summary

feat: Update dependencies in hale-platform to resolve security issues #40

Jobs

Run details

check.yml

Annotations

Artifacts