Skip to content

[Snyk] Fix for 1 vulnerabilities

Anthony Nolan requested to merge snyk-fix-a495e4c4dd6a33cbc98a3c26f1b4a041 into main

snyk-top-banner

Snyk has created this Merge Request to fix 1 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

  • authorization-service/pom.xml

Vulnerabilities that will be fixed with an upgrade:

Issue Score Upgrade
medium severity Denial of Service (DoS)
SNYK-JAVA-ORGSPRINGFRAMEWORK-7687447
  631   org.springframework.security:spring-security-oauth2-authorization-server:
1.2.1 -> 1.2.6
No Known Exploit

Vulnerabilities that could not be fixed

  • Upgrade:
    • Could not upgrade org.springframework.boot:spring-boot-starter-security@3.2.2 to org.springframework.boot:spring-boot-starter-security@3.2.9; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.2.2/spring-boot-dependencies-3.2.2.pom
  • Could not upgrade org.springframework.boot:spring-boot-starter-web@3.2.2 to org.springframework.boot:spring-boot-starter-web@3.2.9; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.2.2/spring-boot-dependencies-3.2.2.pom

[!IMPORTANT]

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report 📜 Customise PR templates 🛠 Adjust project settings 📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)

Merge request reports

Loading