Skip to content

Commit

Permalink
monthly update of vulnerability report (#2253)
Browse files Browse the repository at this point in the history 
Signed-off-by: bossenti <[email protected]>
Co-authored-by: bossenti <[email protected]>
  • Loading branch information
@github-actions
github-actions[bot] and bossenti authored Dec 1, 2023
1 parent 2d21904 commit 215cc4b
Showing 1 changed file with 1 addition and 5 deletions.
6 changes: 1 addition & 5 deletions VULNERABILITY.md
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,10 @@
<!--\n ~ Licensed to the Apache Software Foundation (ASF) under one or more\n ~ contributor license agreements. See the NOTICE file distributed with\n ~ this work for additional information regarding copyright ownership.\n ~ The ASF licenses this file to You under the Apache License, Version 2.0\n ~ (the "License"); you may not use this file except in compliance with\n ~ the License. You may obtain a copy of the License at\n ~\n ~ http://www.apache.org/licenses/LICENSE-2.0\n ~\n ~ Unless required by applicable law or agreed to in writing, software\n ~ distributed under the License is distributed on an "AS IS" BASIS,\n ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n ~ See the License for the specific language governing permissions and\n ~ limitations under the License.\n ~\n -->
| OSV URL | CVSS | Ecosystem | Package | Version | Source |
| --- | --- | --- | --- | --- | --- |
| https://osv.dev/GHSA-57m8-f3v5-hm5m | 5.3 | Maven | io.netty:netty-handler | 4.1.72.Final | pom.xml |
| https://osv.dev/GHSA-6mjq-h674-j845 | 6.5 | Maven | io.netty:netty-handler | 4.1.72.Final | pom.xml |
| https://osv.dev/GHSA-crg9-44h2-xw35 | 10 | Maven | org.apache.activemq:activemq-client | 5.18.0 | pom.xml |
| https://osv.dev/GHSA-cgwf-w82q-5jrr | 5.5 | Maven | org.apache.commons:commons-compress | 1.23.0 | pom.xml |
| https://osv.dev/GHSA-hr8g-6v94-x4m9 | 5.3 | Maven | org.bouncycastle:bcprov-jdk15on | 1.70 | pom.xml |
| https://osv.dev/GHSA-2cqf-6xv9-f22w | 7.5 | Maven | org.elasticsearch:elasticsearch | 6.8.17 | pom.xml |
| https://osv.dev/PYSEC-2021-878 | 7.5 | PyPI | mkdocs | 1.5.2 | streampipes-client-python/poetry.lock |
| https://osv.dev/GHSA-w596-4wvx-j9j6<br/>https://osv.dev/PYSEC-2022-42969 | 7.5 | PyPI | py | 1.11.0 | streampipes-client-python/poetry.lock |
| https://osv.dev/GHSA-ww39-953v-wcq6 | 7.5 | npm | glob-parent | 3.1.0 | ui/package-lock.json |
| https://osv.dev/GHSA-7fh5-64p2-3v2j | 5.3 | npm | postcss | 8.4.21 | ui/package-lock.json |
| https://osv.dev/GHSA-4943-9vgg-gr5r | 6.1 | npm | quill | 1.3.7 | ui/package-lock.json |
| https://osv.dev/MAL-2022-6662 | | npm | tsconfig-package | 7.0.0 | ui/package-lock.json |

0 comments on commit 215cc4b

Please sign in to comment.