[AUTO] Increment version to 2.17.2-SNAPSHOT #1454
Open
Mend for GitHub.com / WhiteSource Security Check
failed
Oct 3, 2024 in 8m 15s
Security Report
You have successfully remediated 1 vulnerabilities, but introduced 1 new vulnerabilities in this branch.
❌ New vulnerabilities:
CVE | Severity | CVSS Score | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|
CVE-2024-7254Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jar Dependency Hierarchy: -> opensearch-2.17.2-SNAPSHOT.jar (Root Library) -> ❌ protobuf-java-3.22.3.jar (Vulnerable Library) |
High | 7.5 | protobuf-java-3.22.3.jar | Upgrade to version: com.google.protobuf:protobuf-javalite - 3.25.5,4.28.2,4.27.5;com.google.protobuf:protobuf-java - 4.27.5,3.25.5,4.28.2 | None |
✔️ Remediated vulnerabilities:
CVE | Vulnerable Library |
---|---|
CVE-2024-7254 | protobuf-java-3.25.4.jar |
Base branch total remaining vulnerabilities: 3
Base branch commit: 18bf99d162d3e2e879faf8d1faed54842b678411
Total libraries scanned: 194
Scan token: f1a604be7ba3440a983493cfe79896ec
Loading