Skip to content
This repository has been archived by the owner on Jan 19, 2022. It is now read-only.

[Snyk] Upgrade org.cloudfoundry.identity:cloudfoundry-identity-scim from 2.4.0 to 2.7.4.9 #9

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade org.cloudfoundry.identity:cloudfoundry-identity-scim from 2.4.0 to 2.7.4.9 #9

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

@snyk-bot snyk-bot commented Aug 4, 2021

Snyk has created this PR to upgrade org.cloudfoundry.identity:cloudfoundry-identity-scim from 2.4.0 to 2.7.4.9.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 12 versions ahead of your current version.
  • The recommended version was released 5 years ago, on 2016-09-17.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Denial of Service (DoS)
SNYK-JAVA-XERCES-31585		 375/1000
Why? CVSS 7.5		 No Known Exploit
Arbitrary Class Load
SNYK-JAVA-XALAN-31385		 375/1000
Why? CVSS 7.5		 No Known Exploit
Access Restriction Bypass
SNYK-JAVA-ORGSPRINGFRAMEWORKLDAP-31584		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-ORGCRYPTACULAR-543303		 375/1000
Why? CVSS 7.5		 No Known Exploit
Brute Force
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31064		 375/1000
Why? CVSS 7.5		 No Known Exploit
SQL Injection
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31418		 375/1000
Why? CVSS 7.5		 No Known Exploit
Session Fixation
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31413		 375/1000
Why? CVSS 7.5		 No Known Exploit
Remote Privilege Escalation
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31054		 375/1000
Why? CVSS 7.5		 No Known Exploit
SQL Injection
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31052		 375/1000
Why? CVSS 7.5		 No Known Exploit
Privilege Escalation
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31051		 375/1000
Why? CVSS 7.5		 No Known Exploit
Insufficient Session Expiration
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31050		 375/1000
Why? CVSS 7.5		 No Known Exploit
Hash Collision
SNYK-JAVA-ORGBOUNCYCASTLE-31657		 375/1000
Why? CVSS 7.5		 No Known Exploit
Insecure Encryption
SNYK-JAVA-ORGBOUNCYCASTLE-32368		 375/1000
Why? CVSS 7.5		 No Known Exploit
Insecure Encryption
SNYK-JAVA-ORGBOUNCYCASTLE-32366		 375/1000
Why? CVSS 7.5		 No Known Exploit
Signature Validation Bypass
SNYK-JAVA-ORGBOUNCYCASTLE-32364		 375/1000
Why? CVSS 7.5		 No Known Exploit
Insecure Encryption
SNYK-JAVA-ORGBOUNCYCASTLE-32361		 375/1000
Why? CVSS 7.5		 No Known Exploit
Insufficient Validation
SNYK-JAVA-ORGBOUNCYCASTLE-32340		 375/1000
Why? CVSS 7.5		 No Known Exploit
Information Exposure
SNYK-JAVA-ORGBOUNCYCASTLE-1035561		 375/1000
Why? CVSS 7.5		 No Known Exploit
Timing Attack
SNYK-JAVA-ORGAPACHEDIRECTORYAPI-30595		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-LOG4J-572732		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMMONSCOLLECTIONS-30078		 375/1000
Why? CVSS 7.5		 Mature
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72884		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72883		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72882		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72451		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72450		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72449		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72448		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72447		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72446		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72445		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015		 375/1000
Why? CVSS 7.5		 Mature
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917		 375/1000
Why? CVSS 7.5		 Mature
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-32111		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-32044		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-32043		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-31573		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-31507		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829		 375/1000
Why? CVSS 7.5		 No Known Exploit
Improper Input Validation
SNYK-JAVA-XERCES-608891		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-XERCES-31497		 375/1000
Why? CVSS 7.5		 Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-XERCES-30183		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-ORGYAML-537645		 375/1000
Why? CVSS 7.5		 No Known Exploit
Authentication Bypass
SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-72471		 375/1000
Why? CVSS 7.5		 No Known Exploit
Cryptographic Issues
SNYK-JAVA-ORGOWASPESAPI-31308		 375/1000
Why? CVSS 7.5		 No Known Exploit
MAC validation Bypass
SNYK-JAVA-ORGOWASPESAPI-30143		 375/1000
Why? CVSS 7.5		 No Known Exploit
XML External Entity (XXE) Injection
SNYK-JAVA-ORGOPENSAML-30141		 375/1000
Why? CVSS 7.5		 No Known Exploit
Improper Certificate Validation
SNYK-JAVA-ORGOPENSAML-31268		 375/1000
Why? CVSS 7.5		 No Known Exploit
Improper Certificate Validation
SNYK-JAVA-ORGOPENSAML-30140		 375/1000
Why? CVSS 7.5		 No Known Exploit
Cross-site Scripting (XSS)
SNYK-JAVA-ORGHIBERNATE-569100		 375/1000
Why? CVSS 7.5		 No Known Exploit
Improper Input Validation
SNYK-JAVA-ORGHIBERNATE-568162		 375/1000
Why? CVSS 7.5		 No Known Exploit
JSM bypass via ReflectionHelper
SNYK-JAVA-ORGHIBERNATE-30098		 375/1000
Why? CVSS 7.5		 No Known Exploit
SQL Injection
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31444		 375/1000
Why? CVSS 7.5		 No Known Exploit
Improper Validation of Certificate Expiration
SNYK-JAVA-ORGCLOUDFOUNDRYIDENTITY-31053		 375/1000
Why? CVSS 7.5		 No Known Exploit
Cryptographic Issues
SNYK-JAVA-ORGBOUNCYCASTLE-31046		 375/1000
Why? CVSS 7.5		 No Known Exploit
Cryptographic Issues
SNYK-JAVA-ORGBOUNCYCASTLE-31045		 375/1000
Why? CVSS 7.5		 No Known Exploit
Cryptographic Issues
SNYK-JAVA-ORGBOUNCYCASTLE-32367		 375/1000
Why? CVSS 7.5		 No Known Exploit
Timing Attack
SNYK-JAVA-ORGBOUNCYCASTLE-32363		 375/1000
Why? CVSS 7.5		 No Known Exploit
Cryptographic Issues
SNYK-JAVA-ORGBOUNCYCASTLE-31048		 375/1000
Why? CVSS 7.5		 No Known Exploit
Cryptographic Issues
SNYK-JAVA-ORGBOUNCYCASTLE-31047		 375/1000
Why? CVSS 7.5		 No Known Exploit
Timing Attack
SNYK-JAVA-ORGBOUNCYCASTLE-1296075		 375/1000
Why? CVSS 7.5		 No Known Exploit
Information Exposure
SNYK-JAVA-ORGAPACHEMINA-174326		 375/1000
Why? CVSS 7.5		 No Known Exploit
Directory Traversal
SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-31517		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30647		 375/1000
Why? CVSS 7.5		 No Known Exploit
Man-in-the-Middle (MitM)
SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30646		 375/1000
Why? CVSS 7.5		 No Known Exploit
Improper Input Validation
SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-1048058		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-OGNL-30474		 375/1000
Why? CVSS 7.5		 No Known Exploit
Man-in-the-Middle (MitM)
SNYK-JAVA-COMMONSHTTPCLIENT-31660		 375/1000
Why? CVSS 7.5		 No Known Exploit
Improper Certificate Validation
SNYK-JAVA-COMMONSHTTPCLIENT-30083		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMMONSCOLLECTIONS-472711		 375/1000
Why? CVSS 7.5		 Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMGOOGLEGUAVA-32236		 375/1000
Why? CVSS 7.5		 No Known Exploit
Information Disclosure
SNYK-JAVA-COMGOOGLEGUAVA-1015415		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-31520		 375/1000
Why? CVSS 7.5		 No Known Exploit
Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-31519		 375/1000
Why? CVSS 7.5		 No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588		 375/1000
Why? CVSS 7.5		 Proof of Concept
Security Bypass
SNYK-JAVA-CAJULIUSDAVIES-30073		 375/1000
Why? CVSS 7.5		 No Known Exploit
XML External Entity (XXE) Injection
SNYK-JAVA-ORGOWASPESAPI-1088594		 375/1000
Why? CVSS 7.5		 No Known Exploit
Insufficient Validation
SNYK-JAVA-ORGBOUNCYCASTLE-32365		 375/1000
Why? CVSS 7.5		 No Known Exploit
Information Exposure
SNYK-JAVA-ORGBOUNCYCASTLE-173771		 375/1000
Why? CVSS 7.5		 No Known Exploit
Man-in-the-Middle (MitM)
SNYK-JAVA-LOG4J-1300176		 375/1000
Why? CVSS 7.5		 No Known Exploit
Information Exposure
SNYK-JAVA-JUNIT-1017047		 375/1000
Why? CVSS 7.5		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@snyk-bot
fix: upgrade org.cloudfoundry.identity:cloudfoundry-identity-scim fro…
a5c6bc3 
…m 2.4.0 to 2.7.4.9

Snyk has created this PR to upgrade org.cloudfoundry.identity:cloudfoundry-identity-scim from 2.4.0 to 2.7.4.9.

See this package in Maven Repository:
https://mvnrepository.com/artifact/org.cloudfoundry.identity/cloudfoundry-identity-scim/

See this project in Snyk:
https://app.snyk.io/org/mrdavidlaing/project/836e1c65-5e44-4084-9755-41769a5a4207?utm_source=github&utm_medium=upgrade-pr
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@snyk-bot