remove new engine usage

Mend for github.com / Mend Security Check failed Apr 19, 2024 in 1m 46s

Security Report

The Security Check found 39 vulnerabilities.

CVE | Severity | CVSS Score | Exploit Maturity | EPSS | Vulnerable Library | Suggested Fix | Issue | Reachability
CVE-2023-5072

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.json/json/20220924/5aa95e7688f76c664af205c5937620f02688dfbc/json-20220924.jar

Dependency Hierarchy:

-> ❌ json-20220924.jar (Vulnerable Library)

High 8.7 Not Defined 0.0% json-20220924.jar Upgrade to version: org.json:json:20231013 #8

Reachable

CVE-2022-45688

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.json/json/20220924/5aa95e7688f76c664af205c5937620f02688dfbc/json-20220924.jar

Dependency Hierarchy:

-> ❌ json-20220924.jar (Vulnerable Library)

High 8.7 Not Defined 0.1% json-20220924.jar Upgrade to version: org.json:json:20230227 #8

Reachable

WS-2019-0379

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/commons-codec/commons-codec/1.6/b7f0fc8f61ecadeb3695f0b9464755eee44374d4/commons-codec-1.6.jar

Dependency Hierarchy:

-> ❌ commons-codec-1.6.jar (Vulnerable Library)

Medium 6.9 Not Defined commons-codec-1.6.jar Upgrade to version: commons-codec:commons-codec:1.13 #6

Reachable

CVE-2022-23305

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

Critical 9.3 Not Defined 0.5% log4j-1.2.17.jar Upgrade to version: ch.qos.reload4j:reload4j:1.2.18.2 #11

Unreachable

CVE-2019-17571

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

Critical 9.3 Not Defined 79.4% log4j-1.2.17.jar Upgrade to version: log4j-manual - 1.2.17-16;log4j-javadoc - 1.2.17-16;log4j - 1.2.17-16,1.2.17-16 #11

Unreachable

CVE-2022-46337

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.derby/derby/10.8.2.2/5a9efbb610bd0dbf0ea404523319211f0603e4dc/derby-10.8.2.2.jar

Dependency Hierarchy:

-> ❌ derby-10.8.2.2.jar (Vulnerable Library)

Critical 9.2 Not Defined 0.2% derby-10.8.2.2.jar Upgrade to version: org.apache.derby:derby:10.14.3,10.15.2.1,10.16.1.2,10.17.1.0 #7

Unreachable

CVE-2020-9493

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

Critical 9.2 Not Defined 1.8% log4j-1.2.17.jar Upgrade to version: ch.qos.reload4j:reload4j:1.2.18.1 #11

Unreachable

CVE-2015-1832

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.derby/derby/10.8.2.2/5a9efbb610bd0dbf0ea404523319211f0603e4dc/derby-10.8.2.2.jar

Dependency Hierarchy:

-> ❌ derby-10.8.2.2.jar (Vulnerable Library)

High 8.8 Not Defined 0.5% derby-10.8.2.2.jar Upgrade to version: 10.12.1.1 #7

Unreachable

CVE-2023-26464

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

High 8.7 Not Defined 0.2% log4j-1.2.17.jar Upgrade to version: org.apache.logging.log4j:log4j-core:2.0 #11

Unreachable

CVE-2022-23307

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

High 8.7 Not Defined 0.9% log4j-1.2.17.jar Upgrade to version: ch.qos.reload4j:reload4j:1.2.18.1 #11

Unreachable

CVE-2022-23302

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

High 8.7 Not Defined 0.6% log4j-1.2.17.jar Upgrade to version: ch.qos.reload4j:reload4j:1.2.18.1 #11

Unreachable

CVE-2021-4104

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

High 7.7 High 12.700001% log4j-1.2.17.jar Upgrade to version: uom-parent - 1.0.3-3.module,1.0.3-3.module;uom-se-javadoc - 1.0.4-3.module;parfait-examples - 0.5.4-4.module;log4j-manual - 1.2.17-16;si-units-javadoc - 0.6.5-2.module;unit-api - 1.0-5.module,1.0-5.module;unit-api-javadoc - 1.0-5.module;parfait - 0.5.4-4.module,0.5.4-4.module;log4j-javadoc - 1.2.17-16;uom-systems-javadoc - 0.7-1.module;uom-lib-javadoc - 1.0.1-6.module;uom-systems - 0.7-1.module,0.7-1.module;log4j - 1.2.17-16,1.2.17-16;uom-se - 1.0.4-3.module,1.0.4-3.module;uom-lib - 1.0.1-6.module,1.0.1-6.module;parfait-javadoc - 0.5.4-4.module;pcp-parfait-agent - 0.5.4-4.module;si-units - 0.6.5-2.module,0.6.5-2.module #11

Unreachable

CVE-2020-9488

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/log4j/log4j/1.2.17/5af35056b4d257e4b64b9e8069c0746e8b08629f/log4j-1.2.17.jar

Dependency Hierarchy:

-> ❌ log4j-1.2.17.jar (Vulnerable Library)

Medium 6.3 Not Defined 0.2% log4j-1.2.17.jar Upgrade to version: ch.qos.reload4j:reload4j:1.2.18.3 #11

Unreachable

CVE-2018-1313

Path to dependency file: /build.gradle

Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.derby/derby/10.8.2.2/5a9efbb610bd0dbf0ea404523319211f0603e4dc/derby-10.8.2.2.jar

Dependency Hierarchy:

-> ❌ derby-10.8.2.2.jar (Vulnerable Library)

Medium 6.0 Not Defined 0.1% derby-10.8.2.2.jar Upgrade to version: org.apache.derby:derbynet:10.14.2.0;org.apache.derby:derby:10.14.2.0;org.apache.derby:derbytools:10.14.2.0;org.apache.derby:derbyclient:10.14.2.0 #7

Unreachable

CVE-2021-23383

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

Critical 9.3 Not Defined 3.3% handlebars-2.0.0.min.js Upgrade to version: handlebars - 4.7.7 #10
CVE-2021-23369

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

Critical 9.3 Not Defined 14.900001% handlebars-2.0.0.min.js Upgrade to version: com.github.jknack:handlebars:4.2.0, handlebars - 4.7.7 #10
CVE-2019-19919

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

Critical 9.3 Not Defined 0.9% handlebars-2.0.0.min.js Upgrade to version: handlebars - 3.0.8,4.3.0 #10
CVE-2012-2400

Path to dependency file: /WebContent/bank/stocks.jsp

Path to vulnerable library: /WebContent/bank/../util/swfobject.js,/WebContent/util/swfobject.js

Dependency Hierarchy:

-> ❌ swfobject-2.2.js (Vulnerable Library)

Critical 9.3 Not Defined 0.5% swfobject-2.2.js Upgrade to version: 3.3.2 #9
CVE-2019-20920

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

Critical 9.1 Not Defined 0.70000005% handlebars-2.0.0.min.js Upgrade to version: handlebars - 4.5.3 #10
WS-2020-0450

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

High 8.7 Not Defined handlebars-2.0.0.min.js Upgrade to version: handlebars - 4.6.0 #10
CVE-2021-20086

Path to vulnerable library: /WebContent/swagger/lib/jquery.ba-bbq.min.js

Dependency Hierarchy:

-> ❌ jquery.ba-bbq-1.2.1.min.js (Vulnerable Library)

High 8.7 Not Defined 0.1% jquery.ba-bbq-1.2.1.min.js #20
CVE-2021-23358

Path to vulnerable library: /WebContent/swagger/lib/underscore-min.js

Dependency Hierarchy:

-> ❌ underscore-min-1.7.0.js (Vulnerable Library)

High 8.6 Not Defined 0.9% underscore-min-1.7.0.js Upgrade to version: underscore - 1.12.1,1.13.0-2 #5
WS-2019-0064

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

Medium 6.9 Not Defined handlebars-2.0.0.min.js Upgrade to version: 3.0.7,4.0.14,4.1.2 #10
WS-2016-0034

Path to vulnerable library: /WebContent/swagger/swagger-ui.min.js

Dependency Hierarchy:

-> ❌ swagger-ui-2.1.2.min.js (Vulnerable Library)

Medium 6.9 Not Defined swagger-ui-2.1.2.min.js Upgrade to version: v2.1.5 #12
WS-2019-0103

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

Medium 6.3 Not Defined handlebars-2.0.0.min.js Upgrade to version: 4.1.0 #10
CVE-2016-1000233

Path to vulnerable library: /WebContent/swagger/swagger-ui.min.js

Dependency Hierarchy:

-> ❌ swagger-ui-2.1.2.min.js (Vulnerable Library)

Medium 6.3 Not Defined swagger-ui-2.1.2.min.js Upgrade to version: 2.2.1 #12
WS-2019-0234

Path to vulnerable library: /WebContent/swagger/swagger-ui.min.js

Dependency Hierarchy:

-> ❌ swagger-ui-2.1.2.min.js (Vulnerable Library)

Medium 5.3 Not Defined swagger-ui-2.1.2.min.js Upgrade to version: 2.2.1 #12
WS-2017-0143

Path to vulnerable library: /WebContent/swagger/swagger-ui.min.js

Dependency Hierarchy:

-> ❌ swagger-ui-2.1.2.min.js (Vulnerable Library)

Medium 5.3 Not Defined swagger-ui-2.1.2.min.js Upgrade to version: 2.2.3 #12
CVE-2020-7656

Path to vulnerable library: /WebContent/swagger/lib/jquery-1.8.0.min.js

Dependency Hierarchy:

-> ❌ jquery-1.8.0.min.js (Vulnerable Library)

Medium 5.3 Not Defined 0.2% jquery-1.8.0.min.js Upgrade to version: jquery - 1.9.0 #15
CVE-2016-1000229

Path to vulnerable library: /WebContent/swagger/swagger-ui.min.js

Dependency Hierarchy:

-> ❌ swagger-ui-2.1.2.min.js (Vulnerable Library)

Medium 5.3 Not Defined 0.2% swagger-ui-2.1.2.min.js Upgrade to version: 2.2.1 #12
CVE-2015-9251

Path to vulnerable library: /WebContent/swagger/lib/jquery-1.8.0.min.js

Dependency Hierarchy:

-> ❌ jquery-1.8.0.min.js (Vulnerable Library)

Medium 5.3 High 0.70000005% jquery-1.8.0.min.js Upgrade to version: jQuery - 3.0.0 #15
CVE-2015-8861

Path to vulnerable library: /WebContent/swagger/lib/handlebars-2.0.0.js

Dependency Hierarchy:

-> ❌ handlebars-2.0.0.min.js (Vulnerable Library)

Medium 5.3 Not Defined 0.1% handlebars-2.0.0.min.js Upgrade to version: 4.0.0 #10
CVE-2012-6708

Path to vulnerable library: /WebContent/swagger/lib/jquery-1.8.0.min.js

Dependency Hierarchy:

-> ❌ jquery-1.8.0.min.js (Vulnerable Library)

Medium 5.3 Not Defined 0.8% jquery-1.8.0.min.js Upgrade to version: jQuery - v1.9.0 #15
CVE-2018-25031

Path to vulnerable library: /WebContent/swagger/swagger-ui.js

Dependency Hierarchy:

-> ❌ swagger-ui-3.19.3.js (Vulnerable Library)

Low 2.3 Not Defined 0.3% swagger-ui-3.19.3.js Upgrade to version: swagger-ui - 4.1.3;swagger-ui-dist - 4.1.3 #16
CVE-2018-25031

Path to dependency file: /WebContent/swagger/index.html

Path to vulnerable library: /WebContent/swagger/swagger-ui-bundle.js,/WebContent/swagger/./swagger-ui-bundle.js

Dependency Hierarchy:

-> ❌ swagger-ui-bundle-3.19.3.js (Vulnerable Library)

Low 2.3 Not Defined 0.3% swagger-ui-bundle-3.19.3.js Upgrade to version: swagger-ui - 4.1.3;swagger-ui-dist - 4.1.3 #13
CVE-2018-25031

Path to vulnerable library: /WebContent/swagger/swagger-ui.min.js

Dependency Hierarchy:

-> ❌ swagger-ui-2.1.2.min.js (Vulnerable Library)

Low 2.3 Not Defined 0.3% swagger-ui-2.1.2.min.js Upgrade to version: swagger-ui - 4.1.3;swagger-ui-dist - 4.1.3 #12
CVE-2020-11023

Path to vulnerable library: /WebContent/swagger/lib/jquery-1.8.0.min.js

Dependency Hierarchy:

-> ❌ jquery-1.8.0.min.js (Vulnerable Library)

Low 2.1 Proof of concept 1.9% jquery-1.8.0.min.js Upgrade to version: jquery - 3.5.0;jquery-rails - 4.4.0 #15
CVE-2019-11358

Path to vulnerable library: /WebContent/swagger/lib/jquery-1.8.0.min.js

Dependency Hierarchy:

-> ❌ jquery-1.8.0.min.js (Vulnerable Library)

Low 2.1 Proof of concept 3.5% jquery-1.8.0.min.js Upgrade to version: jquery - 3.4.0 #15
CVE-2020-11022

Path to vulnerable library: /WebContent/swagger/lib/jquery-1.8.0.min.js

Dependency Hierarchy:

-> ❌ jquery-1.8.0.min.js (Vulnerable Library)

Low 1.3 Proof of concept 6.1% jquery-1.8.0.min.js Upgrade to version: jQuery - 3.5.0 #15

Total libraries scanned: 42
Scan token: 3960f751cadd74f33bf5a7759fa77d6201713549600057_124