[Snyk] Fix for 5 vulnerabilities
Snyk has created this Merge Request to fix 5 vulnerabilities in the maven dependencies of this project.
Snyk changed the following file(s):
authorization-service/pom.xml
Vulnerabilities that will be fixed with an upgrade:
Issue | Score | Upgrade | |
---|---|---|---|
Path Traversal SNYK-JAVA-ORGSPRINGFRAMEWORK-8230373 |
721 | No Known Exploit |
|
Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230364 |
401 | No Known Exploit |
|
Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230365 |
401 | org.springframework.security:spring-security-oauth2-authorization-server: 1.2.1 -> 1.2.7 No Known Exploit
|
|
Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230366 |
401 | org.springframework.security:spring-security-oauth2-authorization-server: 1.2.1 -> 1.2.7 No Known Exploit
|
|
Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230368 |
401 | No Known Exploit |
Vulnerabilities that could not be fixed
- Upgrade:
- Could not upgrade
org.springframework.boot:spring-boot-starter-security@3.2.2
toorg.springframework.boot:spring-boot-starter-security@3.2.11
; Reasoncould not apply upgrade, dependency is managed externally
; Location:https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.2.2/spring-boot-dependencies-3.2.2.pom
- Could not upgrade
- Could not upgrade
org.springframework.boot:spring-boot-starter-web@3.2.2
toorg.springframework.boot:spring-boot-starter-web@3.2.11
; Reasoncould not apply upgrade, dependency is managed externally
; Location:https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.2.2/spring-boot-dependencies-3.2.2.pom
[!IMPORTANT]
- Check the changes in this PR to ensure they won't cause issues with your project.
- Max score is 1000. Note that the real score may have changed since the PR was raised.
- This PR was automatically created by Snyk using the credentials of a real user.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
Learn how to fix vulnerabilities with free interactive lessons: