Skip to content

[Snyk] Upgrade org.springframework:spring-core from 4.0.0.RELEASE to 4.3.30.RELEASE#12

Open
eoftedal wants to merge 1 commit intomasterfrom
snyk-upgrade-9fedd614b8d303d743120a66020d0491
Open

[Snyk] Upgrade org.springframework:spring-core from 4.0.0.RELEASE to 4.3.30.RELEASE#12
eoftedal wants to merge 1 commit intomasterfrom
snyk-upgrade-9fedd614b8d303d743120a66020d0491

Conversation

@eoftedal
Copy link
Owner

@eoftedal eoftedal commented Aug 25, 2024

snyk-top-banner

Snyk has created this PR to upgrade org.springframework:spring-core from 4.0.0.RELEASE to 4.3.30.RELEASE.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 60 versions ahead of your current version.

  • The recommended version was released on 4 years ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity XML External Entity (XXE) Injection
SNYK-JAVA-ORGSPRINGFRAMEWORK-30159		 654 No Known Exploit
high severity Improper Input Validation
SNYK-JAVA-ORGSPRINGFRAMEWORK-1009832		 654 No Known Exploit
high severity XML External Entity (XXE) Injection
SNYK-JAVA-ORGSPRINGFRAMEWORK-30163		 654 No Known Exploit
high severity Reflected File Download
SNYK-JAVA-ORGSPRINGFRAMEWORK-30165		 654 No Known Exploit
high severity Authentication Bypass
SNYK-JAVA-ORGSPRINGFRAMEWORK-536316		 654 No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JAVA-ORGSPRINGFRAMEWORK-31328		 654 No Known Exploit
medium severity Cross-site Scripting (XSS)
SNYK-JAVA-ORGSPRINGFRAMEWORK-30167		 654 No Known Exploit
medium severity Directory Traversal
SNYK-JAVA-ORGSPRINGFRAMEWORK-31325		 654 No Known Exploit
medium severity XML External Entity (XXE) Injection
SNYK-JAVA-ORGSPRINGFRAMEWORK-30160		 654 No Known Exploit
medium severity XML External Entity (XXE) Injection
SNYK-JAVA-ORGSPRINGFRAMEWORK-30158		 654 No Known Exploit
medium severity Denial of Service (DoS)
SNYK-JAVA-ORGSPRINGFRAMEWORK-30164		 654 No Known Exploit
medium severity Cross-site Request Forgery (CSRF)
SNYK-JAVA-ORGSPRINGFRAMEWORK-31331		 654 No Known Exploit
medium severity Directory Traversal
SNYK-JAVA-ORGSPRINGFRAMEWORK-30169		 654 No Known Exploit
medium severity Directory Traversal
SNYK-JAVA-ORGSPRINGFRAMEWORK-32202		 654 Proof of Concept

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade org.springframework:spring-core from 4.0.0.RELEASE to 4.…
51f3fb7 
…3.30.RELEASE

Snyk has created this PR to upgrade org.springframework:spring-core from 4.0.0.RELEASE to 4.3.30.RELEASE.

See this package in maven:
org.springframework:spring-core

See this project in Snyk:
https://app.snyk.io/org/eoftedal/project/13c08cb8-bfda-431d-af1d-8fd8974e912b?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eoftedal @snyk-bot