Update dependency commons-beanutils:commons-beanutils to v1.11.0 #35

Security Report

❗️Scan Warnings: The scan completed with warnings. The integration encountered issues with one or more projects in this repository. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

maven

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hbase-1.4/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-connector-hbase-1.4: Could not resolve dependencies for project org.apache.flink:flink-sql-connector-hbase-1.4:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-connector-hbase-1.4:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-connector-hbase-1.4:jar:1.18-SNAPSHOT: The following arti...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hbase-2.2/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-connector-hbase-2.2: Could not resolve dependencies for project org.apache.flink:flink-sql-connector-hbase-2.2:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-connector-hbase-2.2:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-connector-hbase-2.2:jar:1.18-SNAPSHOT: The following arti...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hive-2.3.9/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-connector-hive-2.3.9_2.12: Could not resolve dependencies for project org.apache.flink:flink-sql-connector-hive-2.3.9_2.12:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-connector-hive_2.12:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-connector-hive_2.12:jar:1.18-SNAPSHOT: The fo...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hive-3.1.3/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-connector-hive-3.1.3_2.12: Could not resolve dependencies for project org.apache.flink:flink-sql-connector-hive-3.1.3_2.12:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-connector-hive_2.12:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-connector-hive_2.12:jar:1.18-SNAPSHOT: The fo...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-kafka/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-connector-kafka: Could not resolve dependencies for project org.apache.flink:flink-sql-connector-kafka:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-connector-kafka:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-connector-kafka:jar:1.18-SNAPSHOT: The following artifacts could not ...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-formats/flink-sql-avro-confluent-registry/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-avro-confluent-registry: Could not resolve dependencies for project org.apache.flink:flink-sql-avro-confluent-registry:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-avro-confluent-registry:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-avro-confluent-registry:jar:1.18-SNAPSHOT: Th...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-formats/flink-sql-avro/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-avro: Could not resolve dependencies for project org.apache.flink:flink-sql-avro:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-avro:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-avro:jar:1.18-SNAPSHOT: The following artifacts could not be resolved: org.apache.flink:flink-avro:pom...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-formats/flink-sql-csv/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-csv: Could not resolve dependencies for project org.apache.flink:flink-sql-csv:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-csv:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-csv:jar:1.18-SNAPSHOT: The following artifacts could not be resolved: org.apache.flink:flink-csv:pom:1.18...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-formats/flink-sql-json/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-json: Could not resolve dependencies for project org.apache.flink:flink-sql-json:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-json:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-json:jar:1.18-SNAPSHOT: The following artifacts could not be resolved: org.apache.flink:flink-json:pom...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-formats/flink-sql-orc/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-orc: Could not resolve dependencies for project org.apache.flink:flink-sql-orc:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-orc:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-orc:jar:1.18-SNAPSHOT: The following artifacts could not be resolved: org.apache.flink:flink-orc:pom:1.18...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-formats/flink-sql-parquet/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-parquet: Could not resolve dependencies for project org.apache.flink:flink-sql-parquet:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-parquet:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-parquet:jar:1.18-SNAPSHOT: The following artifacts could not be resolved: org.apache.flink:fl...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-formats/flink-sql-protobuf/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-sql-protobuf: Could not resolve dependencies for project org.apache.flink:flink-sql-protobuf:jar:1.18-SNAPSHOT: Failed to collect dependencies at org.apache.flink:flink-protobuf:jar:1.18-SNAPSHOT: Failed to read artifact descriptor for org.apache.flink:flink-protobuf:jar:1.18-SNAPSHOT: The following artifacts could not be resolved: org.apache.flin...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] [ERROR] Some problems were encountered while processing the POMs: [WARNING] 'groupId' contains an expression but should be a constant. @ ${groupId}:${artifactId}:${version}, /tmp/ws-scm/flink/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources/pom.xml, line 23, column 11 [WARNING] 'artifactId' contains an expression but should be a constant. @ ${groupId}:${arti...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/flink-walkthroughs/flink-walkthrough-datastream-java/src/main/resources/archetype-resources/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] [ERROR] Some problems were encountered while processing the POMs: [WARNING] 'groupId' contains an expression but should be a constant. @ ${groupId}:${artifactId}:${version}, /tmp/ws-scm/flink/flink-walkthroughs/flink-walkthrough-datastream-java/src/main/resources/archetype-resources/pom.xml, line 23, column 11 [WARNING] 'artifactId' contains an expression but should be a constant. @ ${g...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B Error lines: [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED] Output lines: [[INFO] Scanning for project... Fallback is used, returns direct dependencies only

/tmp/ws-scm/flink/pom.xml

Step	Level	Description	Details
Preparing the project for scan	⚠Warn	One or more of the installations failed	[ERROR] Failed to execute goal on project flink-parent: Could not resolve dependencies for project org.apache.flink:flink-parent:pom:1.18-SNAPSHOT: The following artifacts could not be resolved: org.mockito:mockito-inline:jar:3.4.5 (absent), org.mockito:mockito-core:jar:3.4.5 (absent), org.mockito:mockito-junit-jupiter:jar:3.4.5 (absent): org.mockito:mockito-inline:jar:3.4.5 was not found in ht...
Resolving the project	⚠Warn	Some problems occurred while performing the resolution operation	Maven failed to detect the POM for the following dependencies: [org.mockito:mockito-inline:jar:3.4.5, org.mockito:mockito-core:jar:3.4.5, org.mockito:mockito-junit-jupiter:jar:3.4.5] Fallback is used, returns direct dependencies only

You have successfully remediated 11 vulnerabilities, but introduced 6 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Suggested Fix	Issue	Reachability
CVE-2025-4565 Path to dependency file: /flink-python Path to vulnerable library: /tmp/ws-ua_20250630163340_LUMICF/python_BKGVJP/20250630163341/protobuf-3.20.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl Dependency Hierarchy: -> ❌ protobuf-3.20.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl (Vulnerable Library)	High	7.5	protobuf-3.20.3-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl		None	Reachable
CVE-2023-32731 Path to dependency file: /flink-python/dev/dev-requirements.txt Path to vulnerable library: /tmp/ws-ua_20250630163340_LUMICF/python_BKGVJP/20250630163341/grpcio-1.46.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Dependency Hierarchy: -> ❌ grpcio-1.46.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	High	7.4	grpcio-1.46.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	Upgrade to version: grpcio - 1.53.0	None	Reachable
CVE-2021-41496 Path to dependency file: /flink-python Path to vulnerable library: /tmp/ws-ua_20250630163340_LUMICF/python_BKGVJP/20250630163341/numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl Dependency Hierarchy: -> ❌ numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl (Vulnerable Library)	Medium	5.5	numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl		None	Reachable
CVE-2023-32732 Path to dependency file: /flink-python/dev/dev-requirements.txt Path to vulnerable library: /tmp/ws-ua_20250630163340_LUMICF/python_BKGVJP/20250630163341/grpcio-1.46.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl Dependency Hierarchy: -> ❌ grpcio-1.46.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (Vulnerable Library)	Medium	5.3	grpcio-1.46.3-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl	Upgrade to version: grpc - 1.53.0	None	Reachable
CVE-2021-41495 Path to dependency file: /flink-python Path to vulnerable library: /tmp/ws-ua_20250630163340_LUMICF/python_BKGVJP/20250630163341/numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl Dependency Hierarchy: -> ❌ numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl (Vulnerable Library)	Medium	5.3	numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl		None	Reachable
CVE-2021-33430 Path to dependency file: /flink-python Path to vulnerable library: /tmp/ws-ua_20250630163340_LUMICF/python_BKGVJP/20250630163341/numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl Dependency Hierarchy: -> ❌ numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl (Vulnerable Library)	Medium	5.3	numpy-1.21.6-cp39-cp39-manylinux_2_12_x86_64.manylinux2010_x86_64.whl	Upgrade to version: numpy - 1.21.0	None	Reachable

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
CVE-2024-27454	orjson-3.9.7-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
GHSA-36jr-mh4h-2g58	d3-color-1.4.1.tgz
CVE-2025-4565	protobuf-3.20.3-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.whl
CVE-2021-41496	numpy-1.21.6-cp37-cp37m-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
CVE-2025-50182	urllib3-2.0.7-py3-none-any.whl
CVE-2021-41495	numpy-1.21.6-cp37-cp37m-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
CVE-2023-32732	grpcio-1.46.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-48734	commons-beanutils-1.9.4.jar
CVE-2021-33430	numpy-1.21.6-cp37-cp37m-manylinux_2_12_x86_64.manylinux2010_x86_64.whl
CVE-2023-32731	grpcio-1.46.3-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
CVE-2025-50181	urllib3-2.0.7-py3-none-any.whl

Base branch total remaining vulnerabilities: 25
Base branch commit: a9b113119f373a0311e02e140a1342e959059bdf

Total libraries scanned: 211

Scan token: 5c5c83ef4aac4018bf338bf64a2e638c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency commons-beanutils:commons-beanutils to v1.11.0 #35

Uh oh!

Uh oh!

Update dependency commons-beanutils:commons-beanutils to v1.11.0 #35

Uh oh!

Security Report

maven

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hbase-1.4/pom.xml

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hbase-2.2/pom.xml

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hive-2.3.9/pom.xml

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-hive-3.1.3/pom.xml

/tmp/ws-scm/flink/flink-connectors/flink-sql-connector-kafka/pom.xml

/tmp/ws-scm/flink/flink-formats/flink-sql-avro-confluent-registry/pom.xml

/tmp/ws-scm/flink/flink-formats/flink-sql-avro/pom.xml

/tmp/ws-scm/flink/flink-formats/flink-sql-csv/pom.xml

/tmp/ws-scm/flink/flink-formats/flink-sql-json/pom.xml

/tmp/ws-scm/flink/flink-formats/flink-sql-orc/pom.xml

/tmp/ws-scm/flink/flink-formats/flink-sql-parquet/pom.xml

/tmp/ws-scm/flink/flink-formats/flink-sql-protobuf/pom.xml

/tmp/ws-scm/flink/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources/pom.xml

/tmp/ws-scm/flink/flink-walkthroughs/flink-walkthrough-datastream-java/src/main/resources/archetype-resources/pom.xml

/tmp/ws-scm/flink/pom.xml

Re-running checks...

Update dependency commons-beanutils:commons-beanutils to v1.11.0 #35

Are you sure you want to change the base?

Uh oh!