Skip to content

Added validation for the new clusters field. (#633)

Mend for GitHub.com / WhiteSource Security Check failed Apr 12, 2024 in 2m 8s

Security Report

The Security Check found 2 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2024-23080

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/joda-time/joda-time/2.12.2/78e18a7b4180e911dafba0a412adfa82c1e3d14b/joda-time-2.12.2.jar

Dependency Hierarchy:

-> opensearch-rest-high-level-client-3.0.0-SNAPSHOT.jar (Root Library)

   -> opensearch-3.0.0-SNAPSHOT.jar

     -> ❌ joda-time-2.12.2.jar (Vulnerable Library)

Medium 5.5 joda-time-2.12.2.jar #634
CVE-2021-28170

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.glassfish/javax.el/3.0.0/dd532526e7c8de48e40419e6af1183658a973379/javax.el-3.0.0.jar

Dependency Hierarchy:

-> cron-utils-9.1.6.jar (Root Library)

   -> ❌ javax.el-3.0.0.jar (Vulnerable Library)

Medium 5.3 javax.el-3.0.0.jar Upgrade to version: org.glassfish:jakarta.el:3.0.4, com.sun.el:el-ri:3.0.4 #608

Total libraries scanned: 161
Scan token: 89bcd1547ac8401ba91bb7465b14971f
View more details on Mend for GitHub.com