[LOW] Update dependency org.springframework.boot:spring-boot-starter-parent to v3 #237
Mend for GitHub.com / Mend Security Check
succeeded
Dec 20, 2024 in 5m 30s
Security Report
βοΈ π You have successfully remediated 132 vulnerabilities in this branch:
| CVE | Vulnerable Library |
|---|---|
| CVE-2022-38751 | snakeyaml-1.13.jar |
| CVE-2021-22060 | spring-core-4.0.8.RELEASE.jar |
| CVE-2022-38749 | snakeyaml-1.13.jar |
| CVE-2024-38808 | spring-expression-4.0.8.RELEASE.jar |
| CVE-2018-14720 | jackson-databind-2.3.4.jar |
| CVE-2023-20861 | spring-expression-4.0.8.RELEASE.jar |
| CVE-2016-5007 | spring-webmvc-4.0.8.RELEASE.jar |
| CVE-2022-22970 | spring-core-4.0.8.RELEASE.jar |
| CVE-2020-36181 | jackson-databind-2.3.4.jar |
| WS-2018-0125 | jackson-core-2.3.4.jar |
| WS-2020-0293 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2021-20190 | jackson-databind-2.3.4.jar |
| CVE-2021-42550 | logback-core-1.1.2.jar |
| CVE-2020-36188 | jackson-databind-2.3.4.jar |
| CVE-2021-22096 | spring-core-4.0.8.RELEASE.jar |
| CVE-2022-22965 | spring-beans-4.0.8.RELEASE.jar |
| CVE-2024-38827 | spring-security-config-3.2.5.RELEASE.jar |
| CVE-2022-22950 | spring-expression-4.0.8.RELEASE.jar |
| CVE-2023-1932 | hibernate-validator-5.0.3.Final.jar |
| CVE-2019-12384 | jackson-databind-2.3.4.jar |
| CVE-2020-36183 | jackson-databind-2.3.4.jar |
| CVE-2018-19362 | jackson-databind-2.3.4.jar |
| CVE-2019-14379 | jackson-databind-2.3.4.jar |
| CVE-2019-12086 | jackson-databind-2.3.4.jar |
| CVE-2018-1272 | spring-web-4.0.8.RELEASE.jar |
| CVE-2018-14719 | jackson-databind-2.3.4.jar |
| CVE-2024-38821 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2022-42003 | jackson-databind-2.3.4.jar |
| CVE-2020-11620 | jackson-databind-2.3.4.jar |
| CVE-2019-14893 | jackson-databind-2.3.4.jar |
| CVE-2020-36186 | jackson-databind-2.3.4.jar |
| CVE-2020-14060 | jackson-databind-2.3.4.jar |
| CVE-2019-17267 | jackson-databind-2.3.4.jar |
| CVE-2022-38752 | snakeyaml-1.13.jar |
| WS-2016-7111 | spring-boot-actuator-1.1.9.RELEASE.jar |
| CVE-2020-9547 | jackson-databind-2.3.4.jar |
| CVE-2017-5929 | logback-classic-1.1.2.jar |
| CVE-2016-9879 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2023-6378 | logback-classic-1.1.2.jar |
| CVE-2020-11113 | jackson-databind-2.3.4.jar |
| CVE-2020-5421 | spring-web-4.0.8.RELEASE.jar |
| CVE-2019-20330 | jackson-databind-2.3.4.jar |
| CVE-2022-38750 | snakeyaml-1.13.jar |
| CVE-2024-38827 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2018-11307 | jackson-databind-2.3.4.jar |
| CVE-2020-10650 | jackson-databind-2.3.4.jar |
| CVE-2022-41854 | snakeyaml-1.13.jar |
| CVE-2019-12814 | jackson-databind-2.3.4.jar |
| CVE-2020-36185 | jackson-databind-2.3.4.jar |
| CVE-2020-24750 | jackson-databind-2.3.4.jar |
| CVE-2020-10672 | jackson-databind-2.3.4.jar |
| CVE-2018-19360 | jackson-databind-2.3.4.jar |
| CVE-2017-7525 | jackson-databind-2.3.4.jar |
| CVE-2015-3192 | spring-web-4.0.8.RELEASE.jar |
| CVE-2018-12022 | jackson-databind-2.3.4.jar |
| CVE-2020-11112 | jackson-databind-2.3.4.jar |
| CVE-2023-34055 | spring-boot-actuator-1.1.9.RELEASE.jar |
| CVE-2017-17485 | jackson-databind-2.3.4.jar |
| CVE-2020-36184 | jackson-databind-2.3.4.jar |
| CVE-2020-14062 | jackson-databind-2.3.4.jar |
| CVE-2014-3558 | hibernate-validator-5.0.3.Final.jar |
| CVE-2022-22968 | spring-context-4.0.8.RELEASE.jar |
| CVE-2018-12023 | jackson-databind-2.3.4.jar |
| CVE-2018-1271 | spring-webmvc-4.0.8.RELEASE.jar |
| CVE-2023-6481 | logback-core-1.1.2.jar |
| CVE-2020-10693 | hibernate-validator-5.0.3.Final.jar |
| CVE-2020-36518 | jackson-databind-2.3.4.jar |
| CVE-2024-22257 | spring-security-core-3.2.5.RELEASE.jar |
| CVE-2019-16942 | jackson-databind-2.3.4.jar |
| CVE-2019-16335 | jackson-databind-2.3.4.jar |
| CVE-2020-14061 | jackson-databind-2.3.4.jar |
| WS-2018-0124 | jackson-core-2.3.4.jar |
| CVE-2019-17531 | jackson-databind-2.3.4.jar |
| CVE-2024-38820 | spring-context-4.0.8.RELEASE.jar |
| CVE-2021-42550 | logback-classic-1.1.2.jar |
| CVE-2020-36179 | jackson-databind-2.3.4.jar |
| CVE-2021-22096 | spring-webmvc-4.0.8.RELEASE.jar |
| CVE-2020-9548 | jackson-databind-2.3.4.jar |
| CVE-2015-5211 | spring-web-4.0.8.RELEASE.jar |
| WS-2021-0170 | spring-core-4.0.8.RELEASE.jar |
| CVE-2024-38819 | spring-webmvc-4.0.8.RELEASE.jar |
| CVE-2023-20863 | spring-expression-4.0.8.RELEASE.jar |
| CVE-2018-19361 | jackson-databind-2.3.4.jar |
| CVE-2022-25857 | snakeyaml-1.13.jar |
| CVE-2015-5211 | spring-webmvc-4.0.8.RELEASE.jar |
| CVE-2019-14540 | jackson-databind-2.3.4.jar |
| CVE-2024-22243 | spring-web-4.0.8.RELEASE.jar |
| CVE-2022-22978 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2017-18640 | snakeyaml-1.13.jar |
| CVE-2022-42004 | jackson-databind-2.3.4.jar |
| CVE-2020-36189 | jackson-databind-2.3.4.jar |
| CVE-2018-14721 | jackson-databind-2.3.4.jar |
| WS-2016-7112 | spring-context-4.0.8.RELEASE.jar |
| CVE-2021-22112 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2020-36180 | jackson-databind-2.3.4.jar |
| CVE-2018-5968 | jackson-databind-2.3.4.jar |
| CVE-2019-11272 | spring-security-core-3.2.5.RELEASE.jar |
| CVE-2022-22970 | spring-beans-4.0.8.RELEASE.jar |
| CVE-2020-11111 | jackson-databind-2.3.4.jar |
| CVE-2019-10202 | jackson-databind-2.3.4.jar |
| CVE-2019-14439 | jackson-databind-2.3.4.jar |
| CVE-2020-25649 | jackson-databind-2.3.4.jar |
| CVE-2021-22096 | spring-web-4.0.8.RELEASE.jar |
| CVE-2020-8840 | jackson-databind-2.3.4.jar |
| CVE-2019-16943 | jackson-databind-2.3.4.jar |
| CVE-2020-10968 | jackson-databind-2.3.4.jar |
| CVE-2020-10673 | jackson-databind-2.3.4.jar |
| CVE-2016-5007 | spring-security-config-3.2.5.RELEASE.jar |
| CVE-2024-38827 | spring-security-core-3.2.5.RELEASE.jar |
| CVE-2018-14718 | jackson-databind-2.3.4.jar |
| CVE-2022-27772 | spring-boot-1.1.9.RELEASE.jar |
| CVE-2020-10969 | jackson-databind-2.3.4.jar |
| CVE-2018-1199 | spring-core-4.0.8.RELEASE.jar |
| CVE-2020-9546 | jackson-databind-2.3.4.jar |
| WS-2016-7107 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2023-20883 | spring-boot-autoconfigure-1.1.9.RELEASE.jar |
| CVE-2020-11619 | jackson-databind-2.3.4.jar |
| CVE-2020-24616 | jackson-databind-2.3.4.jar |
| CVE-2018-7489 | jackson-databind-2.3.4.jar |
| CVE-2024-22262 | spring-web-4.0.8.RELEASE.jar |
| CVE-2024-38809 | spring-web-4.0.8.RELEASE.jar |
| CVE-2017-5929 | logback-core-1.1.2.jar |
| CVE-2017-15095 | jackson-databind-2.3.4.jar |
| WS-2017-3767 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2024-38816 | spring-webmvc-4.0.8.RELEASE.jar |
| CVE-2020-14195 | jackson-databind-2.3.4.jar |
| CVE-2022-1471 | snakeyaml-1.13.jar |
| CVE-2016-5007 | spring-security-web-3.2.5.RELEASE.jar |
| CVE-2020-36187 | jackson-databind-2.3.4.jar |
| CVE-2024-22259 | spring-web-4.0.8.RELEASE.jar |
| CVE-2019-14892 | jackson-databind-2.3.4.jar |
| CVE-2020-36182 | jackson-databind-2.3.4.jar |
Base branch total remaining vulnerabilities: 154
Base branch commit: 075c652078643180fb05751cdbc793df371d6844
Total libraries scanned: 49
Scan token: 2c047d24e9884a3b9c2259429f561cde
Loading