Skip to content

Remove `--label` flag for `gh issue list` (#442)

Mend for GitHub.com / Mend Security Check failed Jun 13, 2024 in 2m 49s

Security Report

The Security Check found 41 vulnerabilities.

CVE Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2022-43406

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins.workflow/workflow-cps-global-lib/570.v21311f4951f8/2f4e26a941657bf9e3af9d9a29194a38112cca6a/workflow-cps-global-lib-570.v21311f4951f8.jar

Dependency Hierarchy:

-> ❌ workflow-cps-global-lib-570.v21311f4951f8.jar (Vulnerable Library)

Critical 9.9 workflow-cps-global-lib-570.v21311f4951f8.jar Upgrade to version: io.jenkins.plugins:pipeline-groovy-lib:613.v9c41a_160233f #62
CVE-2022-43405

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins.workflow/workflow-cps-global-lib/570.v21311f4951f8/2f4e26a941657bf9e3af9d9a29194a38112cca6a/workflow-cps-global-lib-570.v21311f4951f8.jar

Dependency Hierarchy:

-> ❌ workflow-cps-global-lib-570.v21311f4951f8.jar (Vulnerable Library)

Critical 9.9 workflow-cps-global-lib-570.v21311f4951f8.jar Upgrade to version: io.jenkins.plugins:pipeline-groovy-lib:613.v9c41a_160233f #62
CVE-2022-45047

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar

Dependency Hierarchy:

-> ❌ sshd-core-2.5.1.jar (Vulnerable Library)

Critical 9.8 sshd-core-2.5.1.jar Upgrade to version: org.apache.sshd:sshd-core:2.9.2;org.apache.sshd:sshd-common:2.9.2;org.apache.sshd:sshd-osgi:2.9.2 #74
CVE-2022-45047

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-common/2.5.1/a93d53383d602ad27f7fda5a6d6450a68729b804/sshd-common-2.5.1.jar

Dependency Hierarchy:

-> ❌ sshd-common-2.5.1.jar (Vulnerable Library)

Critical 9.8 sshd-common-2.5.1.jar Upgrade to version: org.apache.sshd:sshd-core:2.9.2;org.apache.sshd:sshd-common:2.9.2;org.apache.sshd:sshd-osgi:2.9.2 #60
CVE-2022-1471

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar

Dependency Hierarchy:

-> ❌ snakeyaml-1.29.jar (Vulnerable Library)

Critical 9.8 snakeyaml-1.29.jar Upgrade to version: org.yaml:snakeyaml:2.0 #69
CVE-2016-1000027

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar

Dependency Hierarchy:

-> jenkins-core-2.426.3.jar (Root Library)

   -> spring-security-web-5.8.7.jar

     -> ❌ spring-web-5.3.29.jar (Vulnerable Library)

Critical 9.8 spring-web-5.3.29.jar Upgrade to version: org.springframework:spring-web:6.0.0 #437
CVE-2022-37865

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.5.0/7cd93e73e91acb868717ebf2410f966f53ae5897/ivy-2.5.0.jar

Dependency Hierarchy:

-> ❌ ivy-2.5.0.jar (Vulnerable Library)

Critical 9.1 ivy-2.5.0.jar Upgrade to version: org.apache.ivy:ivy:2.5.1 #76
CVE-2022-37865

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.4.0/5abe4c24bbe992a9ac07ca563d5bd3e8d569e9ed/ivy-2.4.0.jar

Dependency Hierarchy:

-> ❌ ivy-2.4.0.jar (Vulnerable Library)

Critical 9.1 ivy-2.4.0.jar Upgrade to version: org.apache.ivy:ivy:2.5.1 #72
CVE-2024-34145

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/script-security/1229.v4880b_b_e905a_6/6d8dfb75093b8b8973af431a5fb129a91ce87525/script-security-1229.v4880b_b_e905a_6.jar

Dependency Hierarchy:

-> ❌ script-security-1229.v4880b_b_e905a_6.jar (Vulnerable Library)

High 8.8 script-security-1229.v4880b_b_e905a_6.jar Upgrade to version: org.jenkins-ci.plugins:script-security:1336.vf33a_a_9863911 #421
CVE-2024-34144

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/script-security/1229.v4880b_b_e905a_6/6d8dfb75093b8b8973af431a5fb129a91ce87525/script-security-1229.v4880b_b_e905a_6.jar

Dependency Hierarchy:

-> ❌ script-security-1229.v4880b_b_e905a_6.jar (Vulnerable Library)

High 8.8 script-security-1229.v4880b_b_e905a_6.jar Upgrade to version: org.jenkins-ci.plugins:script-security:1336.vf33a_a_9863911 #421
CVE-2023-4759

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jgit/org.eclipse.jgit/5.13.0.202109080827-r/32badd5adebd660424509344259ad3e409699ba2/org.eclipse.jgit-5.13.0.202109080827-r.jar

Dependency Hierarchy:

-> ❌ org.eclipse.jgit-5.13.0.202109080827-r.jar (Vulnerable Library)

High 8.8 org.eclipse.jgit-5.13.0.202109080827-r.jar Upgrade to version: org.eclipse.jgit:org.eclipse.jgit:6.6.1.202309021850-r #311
CVE-2023-40336

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/cloudbees-folder/6.16/53b5e0e56eb9041b71922bed842689c948bce5f9/cloudbees-folder-6.16.jar

Dependency Hierarchy:

-> ❌ cloudbees-folder-6.16.jar (Vulnerable Library)

High 8.8 cloudbees-folder-6.16.jar Upgrade to version: org.jenkins-ci.plugins:cloudbees-folder:6.848.ve3b_fd7839a_81 #283
CVE-2024-22257

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-core/5.8.7/916c9b391ef6e606806dbe2fc9c8b4ff5a853cdf/spring-security-core-5.8.7.jar

Dependency Hierarchy:

-> jenkins-core-2.426.3.jar (Root Library)

   -> spring-security-web-5.8.7.jar

     -> ❌ spring-security-core-5.8.7.jar (Vulnerable Library)

High 8.2 spring-security-core-5.8.7.jar Upgrade to version: org.springframework.security:spring-security-core:5.7.12,5.8.11,6.1.8,6.2.3 #437
CVE-2022-46751

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.5.0/7cd93e73e91acb868717ebf2410f966f53ae5897/ivy-2.5.0.jar

Dependency Hierarchy:

-> ❌ ivy-2.5.0.jar (Vulnerable Library)

High 8.2 ivy-2.5.0.jar Upgrade to version: org.apache.ivy:ivy:2.5.2 #76
CVE-2022-46751

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.4.0/5abe4c24bbe992a9ac07ca563d5bd3e8d569e9ed/ivy-2.4.0.jar

Dependency Hierarchy:

-> ❌ ivy-2.4.0.jar (Vulnerable Library)

High 8.2 ivy-2.4.0.jar Upgrade to version: org.apache.ivy:ivy:2.5.2 #72
CVE-2024-22262

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar

Dependency Hierarchy:

-> jenkins-core-2.426.3.jar (Root Library)

   -> spring-security-web-5.8.7.jar

     -> ❌ spring-web-5.3.29.jar (Vulnerable Library)

High 8.1 spring-web-5.3.29.jar Upgrade to version: org.springframework:spring-web:5.3.34;6.0.19,6.1.6 #437
CVE-2024-22259

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar

Dependency Hierarchy:

-> jenkins-core-2.426.3.jar (Root Library)

   -> spring-security-web-5.8.7.jar

     -> ❌ spring-web-5.3.29.jar (Vulnerable Library)

High 8.1 spring-web-5.3.29.jar Upgrade to version: org.springframework:spring-web:5.3.33,6.0.18,6.1.5 #437
CVE-2024-22243

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar

Dependency Hierarchy:

-> jenkins-core-2.426.3.jar (Root Library)

   -> spring-security-web-5.8.7.jar

     -> ❌ spring-web-5.3.29.jar (Vulnerable Library)

High 8.1 spring-web-5.3.29.jar Upgrade to version: org.springframework:spring-web:5.3.32,6.0.17,6.1.4 #437
CVE-2022-4065

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.testng/testng/7.5/1416a607fae667c14e390b484e8d02b5824c0674/testng-7.5.jar

Dependency Hierarchy:

-> groovy-all-3.0.15-groovydoc.jar (Root Library)

   -> groovy-testng-3.0.15.jar

     -> ❌ testng-7.5.jar (Vulnerable Library)

High 7.8 testng-7.5.jar Upgrade to version: org.testng:testng:7.7.0 #224
CVE-2023-5072

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.json/json/20190722/7bce7bacf0ab5e9f894d307a3de8b7f540064d5/json-20190722.jar

Dependency Hierarchy:

-> ❌ json-20190722.jar (Vulnerable Library)

High 7.5 json-20190722.jar Upgrade to version: org.json:json:20231013 #203
CVE-2022-45688

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.json/json/20190722/7bce7bacf0ab5e9f894d307a3de8b7f540064d5/json-20190722.jar

Dependency Hierarchy:

-> ❌ json-20190722.jar (Vulnerable Library)

High 7.5 json-20190722.jar Upgrade to version: org.json:json:20230227 #203
CVE-2022-40152

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.3.1/bf29b07ca4dd81ef3c0bc18c8bd5617510a81c5d/woodstox-core-6.3.1.jar

Dependency Hierarchy:

-> ❌ woodstox-core-6.3.1.jar (Vulnerable Library)

High 7.5 woodstox-core-6.3.1.jar Upgrade to version: com.fasterxml.woodstox:woodstox-core:5.4.0,6.4.0 #129
CVE-2022-37866

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.5.0/7cd93e73e91acb868717ebf2410f966f53ae5897/ivy-2.5.0.jar

Dependency Hierarchy:

-> ❌ ivy-2.5.0.jar (Vulnerable Library)

High 7.5 ivy-2.5.0.jar Upgrade to version: org.apache.ivy:ivy:2.5.1 #76
CVE-2022-37866

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.4.0/5abe4c24bbe992a9ac07ca563d5bd3e8d569e9ed/ivy-2.4.0.jar

Dependency Hierarchy:

-> ❌ ivy-2.4.0.jar (Vulnerable Library)

High 7.5 ivy-2.4.0.jar Upgrade to version: org.apache.ivy:ivy:2.5.1 #72
CVE-2022-25857

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar

Dependency Hierarchy:

-> ❌ snakeyaml-1.29.jar (Vulnerable Library)

High 7.5 snakeyaml-1.29.jar Upgrade to version: org.yaml:snakeyaml:1.31 #69
CVE-2024-23899

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/git-server/1.10/e24b71bfe330ea7cfbc1ecc1e1cfa35ebc1e9956/git-server-1.10.jar

Dependency Hierarchy:

-> ❌ git-server-1.10.jar (Vulnerable Library)

Medium 6.5 git-server-1.10.jar Upgrade to version: org.jenkins-ci.plugins:git-server:99.101.v720e86326c09 #370
CVE-2022-41854

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar

Dependency Hierarchy:

-> ❌ snakeyaml-1.29.jar (Vulnerable Library)

Medium 6.5 snakeyaml-1.29.jar Upgrade to version: org.yaml:snakeyaml:1.32 #69
CVE-2022-38752

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar

Dependency Hierarchy:

-> ❌ snakeyaml-1.29.jar (Vulnerable Library)

Medium 6.5 snakeyaml-1.29.jar Upgrade to version: org.yaml:snakeyaml:1.32 #69
CVE-2022-38751

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar

Dependency Hierarchy:

-> ❌ snakeyaml-1.29.jar (Vulnerable Library)

Medium 6.5 snakeyaml-1.29.jar Upgrade to version: org.yaml:snakeyaml:1.31 #69
CVE-2022-38749

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar

Dependency Hierarchy:

-> ❌ snakeyaml-1.29.jar (Vulnerable Library)

Medium 6.5 snakeyaml-1.29.jar Upgrade to version: org.yaml:snakeyaml:1.31 #69
CVE-2021-30129

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar

Dependency Hierarchy:

-> ❌ sshd-core-2.5.1.jar (Vulnerable Library)

Medium 6.5 sshd-core-2.5.1.jar Upgrade to version: org.apache.sshd:sshd-core:2.7.0 #74
CVE-2023-48795

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar

Dependency Hierarchy:

-> ❌ sshd-core-2.5.1.jar (Vulnerable Library)

Medium 5.9 sshd-core-2.5.1.jar Upgrade to version: putty - 0.80, openssh - V_9_6_P1, golang/crypto - v0.17.0, asyncssh - 2.14.2, libssh-0.9.8, libssh-0.10.6, teraterm - v5.1, paramiko - 3.4.0, russh - 0.40.2, com.github.mwiede:jsch:0.2.15, proftpd - v1.3.8b, thrussh - 0.35.1, teraterm - v5.1, org.connectbot:sshlib:2.2.22, mscdex/ssh2 - 1.15.0, jtesta/ssh-audit - v3.1.0, Oryx-Embedded/CycloneSSH - v2.3.4, opnsense/src - 23.7, winscp - 6.2.2, PowerShell/openssh-portable - v9.5.0.0 #74
CVE-2023-48795

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-common/2.5.1/a93d53383d602ad27f7fda5a6d6450a68729b804/sshd-common-2.5.1.jar

Dependency Hierarchy:

-> ❌ sshd-common-2.5.1.jar (Vulnerable Library)

Medium 5.9 sshd-common-2.5.1.jar Upgrade to version: putty - 0.80, openssh - V_9_6_P1, golang/crypto - v0.17.0, asyncssh - 2.14.2, libssh-0.9.8, libssh-0.10.6, teraterm - v5.1, paramiko - 3.4.0, russh - 0.40.2, com.github.mwiede:jsch:0.2.15, proftpd - v1.3.8b, thrussh - 0.35.1, teraterm - v5.1, org.connectbot:sshlib:2.2.22, mscdex/ssh2 - 1.15.0, jtesta/ssh-audit - v3.1.0, Oryx-Embedded/CycloneSSH - v2.3.4, opnsense/src - 23.7, winscp - 6.2.2, PowerShell/openssh-portable - v9.5.0.0 #60
CVE-2024-26308

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar

Dependency Hierarchy:

-> jenkins-core-2.426.3.jar (Root Library)

   -> ❌ commons-compress-1.24.0.jar (Vulnerable Library)

Medium 5.5 commons-compress-1.24.0.jar Upgrade to version: org.apache.commons:commons-compress:1.26.0 #437
CVE-2024-25710

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar

Dependency Hierarchy:

-> jenkins-core-2.426.3.jar (Root Library)

   -> ❌ commons-compress-1.24.0.jar (Vulnerable Library)

Medium 5.5 commons-compress-1.24.0.jar Upgrade to version: org.apache.commons:commons-compress:1.26.0 #437
CVE-2022-38750

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar

Dependency Hierarchy:

-> ❌ snakeyaml-1.29.jar (Vulnerable Library)

Medium 5.5 snakeyaml-1.29.jar Upgrade to version: org.yaml:snakeyaml:1.31 #69
CVE-2024-34146

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/git-server/1.10/e24b71bfe330ea7cfbc1ecc1e1cfa35ebc1e9956/git-server-1.10.jar

Dependency Hierarchy:

-> ❌ git-server-1.10.jar (Vulnerable Library)

Medium 5.3 git-server-1.10.jar Upgrade to version: org.jenkins-ci.plugins:git-server:117.veb_68868fa_027 #370
CVE-2023-40338

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/cloudbees-folder/6.16/53b5e0e56eb9041b71922bed842689c948bce5f9/cloudbees-folder-6.16.jar

Dependency Hierarchy:

-> ❌ cloudbees-folder-6.16.jar (Vulnerable Library)

Medium 4.3 cloudbees-folder-6.16.jar Upgrade to version: org.jenkins-ci.plugins:cloudbees-folder:6.848.ve3b_fd7839a_81 #283
CVE-2023-40337

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/cloudbees-folder/6.16/53b5e0e56eb9041b71922bed842689c948bce5f9/cloudbees-folder-6.16.jar

Dependency Hierarchy:

-> ❌ cloudbees-folder-6.16.jar (Vulnerable Library)

Medium 4.3 cloudbees-folder-6.16.jar Upgrade to version: org.jenkins-ci.plugins:cloudbees-folder:6.848.ve3b_fd7839a_81 #283
CVE-2023-35887

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar

Dependency Hierarchy:

-> ❌ sshd-core-2.5.1.jar (Vulnerable Library)

Medium 4.3 sshd-core-2.5.1.jar Upgrade to version: org.apache.sshd:sshd-core:2.10.0, org.apache.sshd:sshd-common:2.10.0, org.apache.sshd:sshd-sftp:2.10.0, org.apache.sshd:sshd-osgi:2.10.0 #74
CVE-2023-35887

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-common/2.5.1/a93d53383d602ad27f7fda5a6d6450a68729b804/sshd-common-2.5.1.jar

Dependency Hierarchy:

-> ❌ sshd-common-2.5.1.jar (Vulnerable Library)

Medium 4.3 sshd-common-2.5.1.jar Upgrade to version: org.apache.sshd:sshd-core:2.10.0, org.apache.sshd:sshd-common:2.10.0, org.apache.sshd:sshd-sftp:2.10.0, org.apache.sshd:sshd-osgi:2.10.0 #60

Total libraries scanned: 296
Scan token: 0f8604f3f6b44fbca4c5656a0a7bfb8c