[AUTO] Increment version to 2.18.1-SNAPSHOT #986
Mend for GitHub.com / Mend Security Check
failed
Nov 9, 2024 in 9m 3s
Security Report
1 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
WS-2021-0616Path to dependency file: /core-spi/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.11.4/593f7b18bab07a76767f181e2a2336135ce82cc4/jackson-core-2.11.4.jar Dependency Hierarchy: -> opensearch-2.18.1-SNAPSHOT.jar (Root Library) -> opensearch-core-2.18.1-SNAPSHOT.jar -> ❌ jackson-core-2.11.4.jar (Vulnerable Library) |
Medium | 5.9 | jackson-core-2.11.4.jar | Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.12.6, 2.13.1; com.fasterxml.jackson.core:jackson-core:2.12.6, 2.13.1 | None |
Base branch total remaining vulnerabilities: 0
Base branch commit: a5462515e61f3bf3fa6ce337879e20174e4004da
Total libraries scanned: 223
Scan token: 1be3e5e582e44fcfb93890a8c76dcb47
Loading