New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency org.apache.struts:struts2-core to v6 #14

Open

dev-mend-for-github-com wants to merge 1 commit into main from whitesource-remediate/org.apache.struts-struts2-core-6.x

Contributor

dev-mend-for-github-com bot commented Dec 15, 2024

This PR contains the following updates:

Package	Type	Update	Change
org.apache.struts:struts2-core (source)	compile	major	`2.3.20` -> `6.1.2`

By merging this PR, the issue #6 will be automatically resolved and closed:

Severity	CVSS Score	CVE
Critical	9.8	CVE-2016-1000031
Critical	9.8	CVE-2016-3082
Critical	9.8	CVE-2016-3087
Critical	9.8	CVE-2016-4436
Critical	9.8	CVE-2016-6795
Critical	9.8	CVE-2017-12611
Critical	9.8	CVE-2017-5638
Critical	9.8	CVE-2019-0230
Critical	9.8	CVE-2020-17530
High	8.8	CVE-2016-0785
High	8.8	CVE-2016-4430
High	8.8	CVE-2016-4461
High	8.1	CVE-2016-3081
High	8.1	CVE-2018-11776
High	7.5	CVE-2016-3092
High	7.5	CVE-2016-4431
High	7.5	CVE-2016-4433
High	7.5	CVE-2016-4433
High	7.5	CVE-2017-9787
High	7.5	CVE-2017-9787
High	7.5	CVE-2017-9804
High	7.5	CVE-2017-9804
High	7.5	CVE-2019-0233
High	7.5	CVE-2023-24998
High	7.5	WS-2014-0034
Medium	6.1	CVE-2015-2992
Medium	6.1	CVE-2016-2162
Medium	6.1	CVE-2016-4003
Medium	5.3	CVE-2016-3093
Medium	5.3	CVE-2016-3093
Medium	5.3	CVE-2016-4465
Medium	5.3	CVE-2016-4465
Medium	4.8	CVE-2015-1831
Medium	4.7	CVE-2021-29425

If you want to rebase/retry this PR, check this box


          Update dependency org.apache.struts:struts2-core to v6

311a6b9

dev-mend-for-github-com bot added the security fix label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels