Switch to built-in security transports from core #4119
Merged
Mend for GitHub.com / WhiteSource Security Check
failed
Mar 26, 2024 in 3m 9s
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2024-29025Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/io.netty/netty-codec-http/4.1.107.Final/4d8e9e51b7254bd26a42fe17bdcae32e4c6ebb3/netty-codec-http-4.1.107.Final.jar Dependency Hierarchy: -> transport-netty4-client-3.0.0-SNAPSHOT.jar (Root Library) -> ❌ netty-codec-http-4.1.107.Final.jar (Vulnerable Library) |
 Medium |
5.3 | netty-codec-http-4.1.107.Final.jar | Upgrade to version: io.netty:netty-codec-http:4.1.108.Final | None |
Base branch total remaining vulnerabilities: 0
Base branch commit: c64d0aa66654e43886377c648811d07d0840af9b
Total libraries scanned: 267
Scan token: 48b3b23dd5f74a01bc4d83696d95225c
Loading