We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
There are some security issues related with dependencies, if possible try it to keep up to date.
─────────────────────────────────────────────────────────────┬────────────────┬──────────┬────────┬───────────────────┬──────────────────────────────────────┬──────────────────────────────────────────────────────────────┐ 2024-03-15T13:22:38.1849856Z │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ 2024-03-15T13:22:38.1852225Z ├─────────────────────────────────────────────────────────────┼────────────────┼──────────┼────────┼───────────────────┼──────────────────────────────────────┼──────────────────────────────────────────────────────────────┤ 2024-03-15T13:22:38.1854820Z │ ch.qos.logback:logback-classic (tlcockpit.jar) │ CVE-2023-6378 │ HIGH │ fixed │ 1.2.3 │ 1.3.12, 1.4.12, 1.2.13 │ logback: serialization vulnerability in logback receiver │ 2024-03-15T13:22:38.1857138Z │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2023-6378 │ 2024-03-15T13:22:38.1859053Z ├─────────────────────────────────────────────────────────────┤ │ │ │ │ │ │ 2024-03-15T13:22:38.1860617Z │ ch.qos.logback:logback-core (tlcockpit.jar) │ │ │ │ │ │ │ 2024-03-15T13:22:38.1862351Z │ │ │ │ │ │ │ │ 2024-03-15T13:22:38.1864015Z │ ├────────────────┼──────────┤ │ ├──────────────────────────────────────┼──────────────────────────────────────────────────────────────┤ 2024-03-15T13:22:38.1865765Z │ │ CVE-2021-42550 │ MEDIUM │ │ │ 1.2.9 │ logback: remote code execution through JNDI call from within │ 2024-03-15T13:22:38.1867459Z │ │ │ │ │ │ │ its configuration file... │ 2024-03-15T13:22:38.1869309Z │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-42550 │ 2024-03-15T13:22:38.1871131Z ├─────────────────────────────────────────────────────────────┼────────────────┼──────────┤ ├───────────────────┼──────────────────────────────────────┼──────────────────────────────────────────────────────────────┤ 2024-03-15T13:22:38.1874217Z │ com.fasterxml.jackson.core:jackson-databind (tlcockpit.jar) │ CVE-2018-11307 │ CRITICAL │ │ 2.9.4 │ 2.7.9.4, 2.8.11.2, 2.9.6 │ jackson-databind: Potential information exfiltration with │ 2024-03-15T13:22:38.1876548Z │ │ │ │ │ │ │ default typing, serialization gadget from MyBatis │ 2024-03-15T13:22:38.1878078Z │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-11307 │ 2024-03-15T13:22:38.1879668Z │ ├────────────────┤ │ │ ├──────────────────────────────────────┼──────────────────────────────────────────────────────────────┤
The text was updated successfully, but these errors were encountered:
No branches or pull requests
There are some security issues related with dependencies, if possible try it to keep up to date.
The text was updated successfully, but these errors were encountered: