[AUTO] Increment version to 2.20.0-SNAPSHOT #1063
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2024-12798Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/ch.qos.logback/logback-core/1.3.14/436bd0d56730df756cff6d12d0f97df6f275e4a/logback-core-1.3.14.jar Dependency Hierarchy: -> ktlint-0.47.1.jar (Root Library) -> logback-classic-1.3.14.jar -> ❌ logback-core-1.3.14.jar (Vulnerable Library) |
 Medium |
6.6 | logback-core-1.3.14.jar | Upgrade to version: ch.qos.logback:logback-core:1.5.13, ch.qos.logback:logback-classic:1.5.13 | None |
CVE-2024-12798Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/ch.qos.logback/logback-classic/1.3.14/a2f0045eae641a356b74afb0d3b85268181a93cf/logback-classic-1.3.14.jar Dependency Hierarchy: -> ktlint-0.47.1.jar (Root Library) -> ❌ logback-classic-1.3.14.jar (Vulnerable Library) |
Medium |
6.6 | logback-classic-1.3.14.jar | Upgrade to version: ch.qos.logback:logback-core:1.5.13, ch.qos.logback:logback-classic:1.5.13 | None |
CVE-2024-12801Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/ch.qos.logback/logback-core/1.3.14/436bd0d56730df756cff6d12d0f97df6f275e4a/logback-core-1.3.14.jar Dependency Hierarchy: -> ktlint-0.47.1.jar (Root Library) -> logback-classic-1.3.14.jar -> ❌ logback-core-1.3.14.jar (Vulnerable Library) |
Medium |
4.4 | logback-core-1.3.14.jar | Upgrade to version: ch.qos.logback:logback-core:1.5.13 | None |
✔️ Remediated vulnerabilities:
| CVE | Vulnerable Library |
|---|---|
| CVE-2024-7254 | protobuf-java-3.22.3.jar |
Base branch total remaining vulnerabilities: 1
Base branch commit: 2f8177314e61ffca0e335a428c3c689aa6fbb2bb
Total libraries scanned: 192
Scan token: b562ee1fcb7c442b8a8ae854fb47db6a