Security Report
The Security Check found 6 vulnerabilities.
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue | Reachability |
---|---|---|---|---|---|---|
CVE-2023-6378Path to dependency file: /wss-agent-hash-calculator/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar Dependency Hierarchy: -> ❌ logback-classic-1.2.3.jar (Vulnerable Library) |
High | 8.7 | logback-classic-1.2.3.jar | Upgrade to version: ch.qos.logback:logback-classic:1.3.12,1.4.12 | #90 | |
CVE-2022-42003Path to dependency file: /wss-agent-report/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.13.3/jackson-databind-2.13.3.jar Dependency Hierarchy: -> ❌ jackson-databind-2.13.3.jar (Vulnerable Library) |
High | 8.7 | jackson-databind-2.13.3.jar | Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.12.7.1,2.13.4.1 | #85 | |
CVE-2022-42004Path to dependency file: /wss-agent-report/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.13.3/jackson-databind-2.13.3.jar Dependency Hierarchy: -> ❌ jackson-databind-2.13.3.jar (Vulnerable Library) |
High | 8.2 | jackson-databind-2.13.3.jar | Upgrade to version: com.fasterxml.jackson.core:jackson-databind:2.13.4 | #85 | |
CVE-2021-42550Path to dependency file: /wss-agent-hash-calculator/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-classic/1.2.3/logback-classic-1.2.3.jar Dependency Hierarchy: -> ❌ logback-classic-1.2.3.jar (Vulnerable Library) |
High | 7.5 | logback-classic-1.2.3.jar | Upgrade to version: ch.qos.logback:logback-classic:1.2.9;ch.qos.logback:logback-core:1.2.9 | #90 | |
CVE-2021-42550Path to dependency file: /wss-agent-hash-calculator/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar Dependency Hierarchy: -> logback-classic-1.2.3.jar (Root Library) -> ❌ logback-core-1.2.3.jar (Vulnerable Library) |
High | 7.5 | logback-core-1.2.3.jar | Upgrade to version: ch.qos.logback:logback-classic:1.2.9;ch.qos.logback:logback-core:1.2.9 | #90 | |
CVE-2023-6481Path to dependency file: /wss-agent-hash-calculator/pom.xml Path to vulnerable library: /home/wss-scanner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar Dependency Hierarchy: -> logback-classic-1.2.3.jar (Root Library) -> ❌ logback-core-1.2.3.jar (Vulnerable Library) |
High | 8.7 | logback-core-1.2.3.jar | Upgrade to version: ch.qos.logback:logback-core:1.2.13,1.3.14,1.4.14 | #90 |
Total libraries scanned: 23
Scan token: 2d095965a80a45979524d6410ee3b7ba