Update dependency org.apache.maven.plugins:maven-project-info-reports-plugin to v3.9.0 #74
Security Report
3 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
| CVE | Severity | Vulnerable Library | Suggested Fix | Issue | |
|---|---|---|---|---|---|
CVE-2024-30172Path to dependency file: /ksef-dss-facade/pom.xml Path to vulnerable library: /ksef-dss-facade/pom.xml Dependency Hierarchy: -> digital-signature-1.15.jar (Root Library) -> ❌ bcprov-jdk18on-1.77.jar (Vulnerable Library) |
7.5 | bcprov-jdk18on-1.77.jar | Upgrade to version: org.bouncycastle:bcprov-jdk18on:1.78,org.bouncycastle:bcprov-jdk15to18:1.78, org.bouncycastle:bcprov-jdk14:1.78 | None | |
CVE-2024-29857Path to dependency file: /ksef-dss-facade/pom.xml Path to vulnerable library: /ksef-dss-facade/pom.xml Dependency Hierarchy: -> digital-signature-1.15.jar (Root Library) -> ❌ bcprov-jdk18on-1.77.jar (Vulnerable Library) |
7.5 | bcprov-jdk18on-1.77.jar | Upgrade to version: org.bouncycastle:bcprov-jdk15to18:1.78, org.bouncycastle:bcprov-jdk18on:1.78 | None | |
CVE-2024-30171Path to dependency file: /ksef-dss-facade/pom.xml Path to vulnerable library: /ksef-dss-facade/pom.xml Dependency Hierarchy: -> digital-signature-1.15.jar (Root Library) -> ❌ bcprov-jdk18on-1.77.jar (Vulnerable Library) |
5.9 | bcprov-jdk18on-1.77.jar | Upgrade to version: org.bouncycastle:bcprov-jdk15to18:1.78, org.bouncycastle:bcprov-jdk18on:1.78 | None |
Base branch total remaining vulnerabilities: 0
Base branch commit: 782376e8a0f7b0f64bb7360bc37f54f317393605
Total libraries scanned: 74
Scan token: ad589b4b0c99417eb39dbbc69190fb29