Update dependency com.thoughtworks.xstream:xstream to v1.4.21 #48
Security Report
You have successfully remediated 41 vulnerabilities, but introduced 2 new vulnerabilities in this branch.
❌ New vulnerabilities:

| Vulnerability | Severity | Vulnerable Library | Direct Library | Suggested Fix | Issue | |
|---|---|---|---|---|---|---|
| CVE-2023-34055; Path to dependency file: /webwolf/pom.xml; Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-actuator/2.4.3/spring-boot-actuator-2.4.3.jar; Dependency Hierarchy: webgoat-container-8.2.1-SNAPSHOT.jar (Root Library) -> spring-boot-starter-actuator-2.4.3.jar -> spring-boot-actuator-autoconfigure-2.4.3.jar -> ❌ spring-boot-actuator-2.4.3.jar (Vulnerable Library) | 5.3 | Transitive spring-boot-actuator-2.4.3.jar | webgoat-container-8.2.1-SNAPSHOT.jar | Transitive org.springframework.boot:spring-boot-actuator:2.7.18,3.0.13,3.1.6 | #33 | |
| CVE-2023-34055; Path to dependency file: /webwolf/pom.xml; Path to vulnerable library: /home/wss-scanner/.m2/repository/org/springframework/boot/spring-boot-actuator/2.4.3/spring-boot-actuator-2.4.3.jar; Dependency Hierarchy: spring-boot-starter-actuator-2.4.3.jar (Root Library) -> spring-boot-actuator-autoconfigure-2.4.3.jar -> ❌ spring-boot-actuator-2.4.3.jar (Vulnerable Library) | 5.3 | Transitive spring-boot-actuator-2.4.3.jar | spring-boot-starter-actuator-2.4.3.jar | Transitive org.springframework.boot:spring-boot-actuator:2.7.18,3.0.13,3.1.6 | #31 | |

✔️ Remediated vulnerabilities:

| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2020-11023 | jquery-2.1.4.min.js |
| CVE-2013-7285 | xstream-1.4.5.jar |
| CVE-2021-39152 | xstream-1.4.5.jar |
| CVE-2019-11358 | jquery-2.1.4.min.js |
| CVE-2021-39139 | xstream-1.4.5.jar |
| CVE-2021-39149 | xstream-1.4.5.jar |
| CVE-2020-26259 | xstream-1.4.5.jar |
| CVE-2021-21351 | xstream-1.4.5.jar |
| CVE-2021-21341 | xstream-1.4.5.jar |
| CVE-2021-21348 | xstream-1.4.5.jar |
| CVE-2021-21346 | xstream-1.4.5.jar |
| CVE-2021-39145 | xstream-1.4.5.jar |
| CVE-2022-41966 | xstream-1.4.5.jar |
| CVE-2021-39144 | xstream-1.4.5.jar |
| CVE-2021-21344 | xstream-1.4.5.jar |
| CVE-2021-21345 | xstream-1.4.5.jar |
| CVE-2021-21350 | xstream-1.4.5.jar |
| CVE-2021-39148 | xstream-1.4.5.jar |
| CVE-2020-26258 | xstream-1.4.5.jar |
| CVE-2019-10173 | xstream-1.4.5.jar |
| CVE-2021-21349 | xstream-1.4.5.jar |
| CVE-2017-7957 | xstream-1.4.5.jar |
| CVE-2021-39151 | xstream-1.4.5.jar |
| CVE-2021-21347 | xstream-1.4.5.jar |
| CVE-2021-39141 | xstream-1.4.5.jar |
| CVE-2015-9251 | jquery-2.1.4.min.js |
| CVE-2021-21342 | xstream-1.4.5.jar |
| CVE-2021-39146 | xstream-1.4.5.jar |
| CVE-2024-47072 | xstream-1.4.5.jar |
| CVE-2021-39153 | xstream-1.4.5.jar |
| CVE-2016-3674 | xstream-1.4.5.jar |
| CVE-2021-39154 | xstream-1.4.5.jar |
| CVE-2022-40151 | xstream-1.4.5.jar |
| CVE-2021-21343 | xstream-1.4.5.jar |
| CVE-2021-39150 | xstream-1.4.5.jar |
| CVE-2021-43859 | xstream-1.4.5.jar |
| CVE-2021-29505 | xstream-1.4.5.jar |
| CVE-2020-11022 | jquery-2.1.4.min.js |
| CVE-2021-39140 | xstream-1.4.5.jar |
| CVE-2021-39147 | xstream-1.4.5.jar |
| CVE-2020-26217 | xstream-1.4.5.jar |
Base branch total remaining vulnerabilities: 211
Base branch commit: null
Total libraries scanned: 188
Scan token: 617123c644294a1c94b0d1d9fbdf674c