Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency org.apache.struts:struts2-core to v6 #25

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mend-for-github-com[bot]
Copy link

This PR contains the following updates:

Package Type Update Change
org.apache.struts:struts2-core (source) compile major 2.3.31 -> 6.1.2

By merging this PR, the issue #4 will be automatically resolved and closed:

Severity CVSS Score CVE
Critical Critical 10.0 CVE-2017-5638
Critical Critical 9.8 CVE-2017-12611
Critical Critical 9.8 CVE-2019-0230
Critical Critical 9.8 CVE-2020-17530
Critical Critical 9.8 CVE-2021-31805
High High 8.1 CVE-2018-11776
High High 7.5 CVE-2017-9787
High High 7.5 CVE-2017-9804
High High 7.5 CVE-2019-0233
High High 7.5 CVE-2023-34396
Medium Medium 6.5 CVE-2023-34149

By merging this PR, the issue #4 will be automatically resolved and closed:

Severity CVSS Score CVE
Critical Critical 9.8 CVE-2016-1000031
High High 7.5 CVE-2016-3092
High High 7.5 CVE-2023-24998
High High 7.5 WS-2014-0034
High High 7.3 CVE-2014-0050
Medium Medium 4.0 CVE-2013-0248

By merging this PR, the issue #4 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 7.5 CVE-2017-9787
High High 7.5 CVE-2017-9804

By merging this PR, the issue #4 will be automatically resolved and closed:

Severity CVSS Score CVE
Medium Medium 4.8 CVE-2021-29425

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Nov 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by Mend
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants