Packaging spring-security-web-4.2.19.RELEASE.jar which has CVE
Found security vulnerability CVE-2022-22978 with severity >= 9 (severity = 9.8)
https://spring.io/blog/2022/05/15/cve-2022-22978-authorization-bypass-in-regexrequestmatcher
Packaging esapi-2.1.0.1.jar which has CVE
Found security vulnerability CVE-2022-24891 with severity < 7 (severity = 6.1)
https://github.com/ESAPI/esapi-java-legacy/issues/614
https://github.com/ESAPI/esapi-java-legacy/pull/612
Packaging jackson-databind-2.11.4.jar which has CVE
Found security vulnerability CVE-2020-36518 with severity >= 7 (severity = 7.5)
https://github.com/FasterXML/jackson-databind/issues/2816
Recommended Comments
There are no comments to display.