chore(findings): ortussolutions/commandbox-lucee5
Summary
ortussolutions/commandbox-lucee5 has 333 new findings discovered during continuous monitoring.
id | source | severity | package |
---|---|---|---|
CVE-2020-27216 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
GHSA-xc67-hjx6-cgg6 | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-security-8.1.15.v20140411 |
GHSA-cgp8-4m63-fhh5 | Anchore CVE | Medium | commons-net-3.3 |
GHSA-4v6p-cxf9-98rf | Anchore CVE | Medium | metadata-extractor-2.8.1 |
GHSA-4p6w-m9wc-c9c9 | Anchore CVE | Medium | ant-1.4.0.0006L |
GHSA-vfqx-33qm-g869 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-4gq5-ch57-c2mg | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2022-2047 | Anchore CVE | Low | jetty-server-8.1.15.v20140411 |
GHSA-85cw-hj65-qqv9 | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-9m6f-7xcq-8vf8 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2022-2048 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
GHSA-523c-xh4g-mh5m | Anchore CVE | High | poi-2.5.1 |
GHSA-v585-23hc-c647 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-q56h-jjj6-52mf | Anchore CVE | Medium | poi-2.5.1 |
GHSA-6fpp-rgj9-8rwc | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-fmmc-742q-jg75 | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2017-9735 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
GHSA-v585-23hc-c647 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-fjq5-5j5f-mvxh | Anchore CVE | Critical | commons-collections-3.2.1 |
CVE-2023-44487 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
GHSA-mph4-vhrx-mv67 | Anchore CVE | Medium | jackson-databind-2.3.3 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-http-8.1.15.v20140411 |
GHSA-rpr3-cw39-3pxh | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-wh8g-3j2c-rqj5 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-89qr-369f-5m5x | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-r695-7vr9-jgc2 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-89qr-369f-5m5x | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-57j2-w4cx-62h2 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2017-9735 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
CVE-2017-7658 | Anchore CVE | Critical | jetty-servlet-8.1.15.v20140411 |
CVE-2017-7656 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-security-8.1.15.v20140411 |
GHSA-cjjf-94ff-43w7 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-p43x-xfjf-5jhr | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-qjw2-hr98-qgfh | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-io-8.1.15.v20140411 |
GHSA-7vx9-xjhr-rw6h | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
GHSA-x9mm-6gpf-f749 | Anchore CVE | Medium | poi-2.5.1 |
GHSA-qr7j-h6gg-jmgc | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2021-34428 | Anchore CVE | Low | jetty-servlet-8.1.15.v20140411 |
GHSA-645p-88qh-w398 | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-m6x4-97wx-4q27 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2022-2047 | Anchore CVE | Low | jetty-servlet-8.1.15.v20140411 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-servlet-8.1.15.v20140411 |
GHSA-xc67-hjx6-cgg6 | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
CVE-2022-33879 | Anchore CVE | Low | tika-core-1.28.3 |
CVE-2017-7656 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
CVE-2021-34428 | Anchore CVE | Low | jetty-http-8.1.15.v20140411 |
GHSA-r3gr-cxrf-hg25 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-q5r4-cfpx-h6fh | Anchore CVE | Medium | ant-1.4.0.0006L |
GHSA-5ww9-j83m-q7qx | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-f9xh-2qgp-cq57 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-mx7p-6679-8g3q | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-security-8.1.15.v20140411 |
CVE-2021-28165 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
GHSA-r695-7vr9-jgc2 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2017-7658 | Anchore CVE | Critical | jetty-http-8.1.15.v20140411 |
GHSA-5mg8-w23w-74h3 | Anchore CVE | Low | guava-30.1-jre |
GHSA-qr7j-h6gg-jmgc | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2022-33879 | Anchore CVE | Low | tika-core-1.28.3 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-continuation-8.1.15.v20140411 |
CVE-2022-33879 | Anchore CVE | Low | core-1.28.3 |
GHSA-p26g-97m4-6q7c | Anchore CVE | Low | jetty-server-8.1.15.v20140411 |
CVE-2022-2048 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
GHSA-7r82-7xv7-xcpj | Anchore CVE | Medium | httpclient-4.5.10.0002L |
GHSA-f3j5-rmmp-3fc5 | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-qw69-rqj8-6qw8 | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
CVE-2017-7657 | Anchore CVE | Critical | jetty-servlet-8.1.15.v20140411 |
GHSA-4w82-r329-3q67 | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2023-44487 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
CVE-2020-27216 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
CVE-2017-7657 | Anchore CVE | Critical | jetty-servlet-8.1.15.v20140411 |
CVE-2021-34428 | Anchore CVE | Low | jetty-http-8.1.15.v20140411 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-http-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-2pj2-gchf-wmw7 | Anchore CVE | Medium | zip4j-2.11.1 |
GHSA-vfqx-33qm-g869 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-fjq5-5j5f-mvxh | Anchore CVE | Critical | commons-collections-3.2.1 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-continuation-8.1.15.v20140411 |
GHSA-5949-rw7g-wx7w | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2020-27216 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
GHSA-f3j5-rmmp-3fc5 | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-8w26-6f25-cm9x | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-8w26-6f25-cm9x | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-6hgm-866r-3cjv | Anchore CVE | High | commons-collections-3.2.1 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-io-8.1.15.v20140411 |
CVE-2021-28165 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
GHSA-gjmw-vf9h-g25v | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2017-7656 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
GHSA-h822-r4r5-v8jg | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-cj7v-27pg-wf7q | Anchore CVE | Low | jetty-http-8.1.15.v20140411 |
CVE-2021-28165 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
CVE-2022-2047 | Anchore CVE | Low | jetty-io-8.1.15.v20140411 |
CVE-2022-33879 | Anchore CVE | Low | core-1.28.3 |
CVE-2023-44487 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
GHSA-mph4-vhrx-mv67 | Anchore CVE | Medium | jackson-databind-2.3.3 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-security-8.1.15.v20140411 |
GHSA-m6cp-vxjx-65j6 | Anchore CVE | Low | jetty-server-8.1.15.v20140411 |
GHSA-cmfg-87vq-g5g4 | Anchore CVE | Medium | jackson-databind-2.3.3 |
CVE-2017-7658 | Anchore CVE | Critical | jetty-io-8.1.15.v20140411 |
GHSA-jqx5-h2hw-5q4f | Anchore CVE | Medium | poi-2.5.1 |
CVE-2017-7657 | Anchore CVE | Critical | jetty-http-8.1.15.v20140411 |
GHSA-q5r4-cfpx-h6fh | Anchore CVE | Medium | ant-1.4.0.0006L |
CVE-2022-33879 | Anchore CVE | Low | tika-core-1.28.3 |
GHSA-5wfp-8643-c58x | Anchore CVE | Medium | poi-2.5.1 |
CVE-2022-2048 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
GHSA-qw69-rqj8-6qw8 | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
GHSA-gww7-p5w4-wrfv | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-continuation-8.1.15.v20140411 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-http-8.1.15.v20140411 |
GHSA-qjw2-hr98-qgfh | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-cmfg-87vq-g5g4 | Anchore CVE | Medium | jackson-databind-2.3.3 |
GHSA-q93h-jc49-78gg | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-5ww9-j83m-q7qx | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-4p6w-m9wc-c9c9 | Anchore CVE | Medium | ant-1.4.0.0006L |
GHSA-h592-38cm-4ggp | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-servlet-8.1.15.v20140411 |
GHSA-h592-38cm-4ggp | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2023-44487 | Anchore CVE | High | jetty-continuation-8.1.15.v20140411 |
GHSA-gww7-p5w4-wrfv | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2017-7657 | Anchore CVE | Critical | jetty-io-8.1.15.v20140411 |
CVE-2023-35116 | Anchore CVE | Medium | jackson-databind-2.3.3 |
GHSA-m6x4-97wx-4q27 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-7r82-7xv7-xcpj | Anchore CVE | Medium | httpclient-4.5.10.0002L |
GHSA-cf6r-3wgc-h863 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2023-35116 | Anchore CVE | Medium | jackson-databind-2.3.3 |
CVE-2022-2048 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
GHSA-4w82-r329-3q67 | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-p26g-97m4-6q7c | Anchore CVE | Low | jetty-server-8.1.15.v20140411 |
GHSA-wfcc-pff6-rgc5 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-util-8.1.15.v20140411 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-continuation-8.1.15.v20140411 |
GHSA-7r82-7xv7-xcpj | Anchore CVE | Medium | httpclient-4.5.10.0002L |
CVE-2020-27216 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
CVE-2021-28165 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
GHSA-gwp4-hfv6-p7hw | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2021-34428 | Anchore CVE | Low | jetty-io-8.1.15.v20140411 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-io-8.1.15.v20140411 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-servlet-8.1.15.v20140411 |
GHSA-qxxx-2pp7-5hmx | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-cf6r-3wgc-h863 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-h822-r4r5-v8jg | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2022-33879 | Anchore CVE | Low | tika-core-1.28.3 |
GHSA-c8hm-7hpq-7jhg | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-qxxx-2pp7-5hmx | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-c8hm-7hpq-7jhg | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-util-8.1.15.v20140411 |
CVE-2017-7656 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
CVE-2022-33879 | Anchore CVE | Low | core-1.28.3 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-io-8.1.15.v20140411 |
GHSA-cgp8-4m63-fhh5 | Anchore CVE | Medium | commons-net-3.3 |
GHSA-9gph-22xh-8x98 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-m6cp-vxjx-65j6 | Anchore CVE | Low | jetty-server-8.1.15.v20140411 |
CVE-2020-27216 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
CVE-2021-28165 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
CVE-2020-27216 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-servlet-8.1.15.v20140411 |
GHSA-wfcc-pff6-rgc5 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
CVE-2022-42003 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-h3cw-g4mq-c5x2 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2022-42003 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2022-2047 | Anchore CVE | Low | jetty-io-8.1.15.v20140411 |
CVE-2017-7656 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
GHSA-rgv9-q543-rqg4 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-7g45-4rm6-3mm3 | Anchore CVE | Medium | guava-30.1-jre |
GHSA-gjmw-vf9h-g25v | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-p5pg-wm9q-8v6r | Anchore CVE | Medium | metadata-extractor-2.8.1 |
GHSA-rfx6-vp9g-rh7v | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2021-28165 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-http-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
CVE-2017-7658 | Anchore CVE | Critical | jetty-io-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-continuation-8.1.15.v20140411 |
CVE-2017-9735 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
GHSA-w3f4-3q6j-rh82 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2017-7656 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
GHSA-w3f4-3q6j-rh82 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-fqwf-pjwf-7vqv | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-cggj-fvv3-cqwv | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-9m6f-7xcq-8vf8 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2017-9735 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
GHSA-rgv9-q543-rqg4 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-6fpp-rgj9-8rwc | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2021-34428 | Anchore CVE | Low | jetty-io-8.1.15.v20140411 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-io-8.1.15.v20140411 |
CVE-2022-2048 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
CVE-2022-2048 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
GHSA-ghgj-3xqr-6jfm | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-fqwf-pjwf-7vqv | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-security-8.1.15.v20140411 |
CVE-2017-7658 | Anchore CVE | Critical | jetty-http-8.1.15.v20140411 |
GHSA-h3cw-g4mq-c5x2 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-84q7-p226-4x5w | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-rpr3-cw39-3pxh | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-cgp8-4m63-fhh5 | Anchore CVE | Medium | commons-net-3.3 |
GHSA-57j2-w4cx-62h2 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-4gq5-ch57-c2mg | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-78vv-qj73-h9m5 | Anchore CVE | Medium | poi-2.5.1 |
GHSA-fmmc-742q-jg75 | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-6x9x-8qw9-9pp6 | Anchore CVE | Critical | jetty-server-8.1.15.v20140411 |
CVE-2016-5000 | Anchore CVE | Medium | poi-2.5.1 |
GHSA-q93h-jc49-78gg | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2020-27216 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-vgg8-72f2-qm23 | Anchore CVE | Critical | jetty-server-8.1.15.v20140411 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-servlet-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-util-8.1.15.v20140411 |
GHSA-cjjf-94ff-43w7 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2023-44487 | Anchore CVE | High | jetty-util-8.1.15.v20140411 |
CVE-2017-7658 | Anchore CVE | Critical | jetty-servlet-8.1.15.v20140411 |
GHSA-p43x-xfjf-5jhr | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2017-7657 | Anchore CVE | Critical | jetty-http-8.1.15.v20140411 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
GHSA-26vr-8j45-3r4w | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-cj7v-27pg-wf7q | Anchore CVE | Low | jetty-http-8.1.15.v20140411 |
CVE-2017-9735 | Anchore CVE | High | jetty-io-8.1.15.v20140411 |
GHSA-wh8g-3j2c-rqj5 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-645p-88qh-w398 | Anchore CVE | Critical | jackson-databind-2.3.3 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-io-8.1.15.v20140411 |
GHSA-6hgm-866r-3cjv | Anchore CVE | High | commons-collections-3.2.1 |
GHSA-gwp4-hfv6-p7hw | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2021-34428 | Anchore CVE | Low | jetty-servlet-8.1.15.v20140411 |
CVE-2023-26048 | Anchore CVE | Medium | jetty-security-8.1.15.v20140411 |
GHSA-cgp8-4m63-fhh5 | Anchore CVE | Medium | commons-net-3.3 |
GHSA-r3gr-cxrf-hg25 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-8c4j-34r4-xr8g | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-mx7p-6679-8g3q | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-84q7-p226-4x5w | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
CVE-2022-2047 | Anchore CVE | Low | jetty-server-8.1.15.v20140411 |
CVE-2022-33879 | Anchore CVE | Low | core-1.28.3 |
GHSA-5r5r-6hpj-8gg9 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-5r5r-6hpj-8gg9 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-9gph-22xh-8x98 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2017-7657 | Anchore CVE | Critical | jetty-io-8.1.15.v20140411 |
GHSA-vgg8-72f2-qm23 | Anchore CVE | Critical | jetty-server-8.1.15.v20140411 |
CVE-2022-26336 | Anchore CVE | Medium | poi-2.5.1 |
GHSA-cvm9-fjm9-3572 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-6x9x-8qw9-9pp6 | Anchore CVE | Critical | jetty-server-8.1.15.v20140411 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-servlet-8.1.15.v20140411 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-http-8.1.15.v20140411 |
CVE-2022-2047 | Anchore CVE | Low | jetty-servlet-8.1.15.v20140411 |
GHSA-7r82-7xv7-xcpj | Anchore CVE | Medium | httpclient-4.5.10 |
CVE-2021-28169 | Anchore CVE | Medium | jetty-http-8.1.15.v20140411 |
CVE-2022-2048 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-ghgj-3xqr-6jfm | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-7vx9-xjhr-rw6h | Anchore CVE | Medium | jetty-server-8.1.15.v20140411 |
GHSA-j8jw-g6fq-mp7h | Anchore CVE | High | hibernate-core-3.5.5-Final |
GHSA-8c4j-34r4-xr8g | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-f9xh-2qgp-cq57 | Anchore CVE | High | jackson-databind-2.3.3 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-util-8.1.15.v20140411 |
CVE-2023-26049 | Anchore CVE | Medium | jetty-util-8.1.15.v20140411 |
GHSA-26vr-8j45-3r4w | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
CVE-2020-27216 | Anchore CVE | High | jetty-server-8.1.15.v20140411 |
GHSA-85cw-hj65-qqv9 | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-5949-rw7g-wx7w | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-cggj-fvv3-cqwv | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-cvm9-fjm9-3572 | Anchore CVE | High | jackson-databind-2.3.3 |
GHSA-9jwc-q6j3-8g9g | Anchore CVE | Medium | poi-2.5.1 |
CVE-2017-9735 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
CVE-2017-7658 | Twistlock CVE | Critical | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2017-7657 | Twistlock CVE | Critical | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2021-28165 | Twistlock CVE | High | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2017-9735 | Twistlock CVE | High | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2017-7656 | Twistlock CVE | High | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2015-2080 | Twistlock CVE | High | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2019-10241 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2023-26048 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2019-10247 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2021-34428 | Twistlock CVE | Low | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2022-2047 | Twistlock CVE | Low | org.eclipse.jetty_jetty-http-8.1.15.v20140411 |
CVE-2023-26049 | Twistlock CVE | Low | org.eclipse.jetty_jetty-server-8.1.15.v20140411 |
CVE-2022-2048 | Anchore CVE | High | jetty-servlet-8.1.15.v20140411 |
CVE-2023-44487 | Anchore CVE | High | jetty-http-8.1.15.v20140411 |
GHSA-rfx6-vp9g-rh7v | Anchore CVE | Critical | jackson-databind-2.3.3 |
GHSA-j8jw-g6fq-mp7h | Anchore CVE | High | hibernate-core-3.5.5-Final |
CVE-2020-9548 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-9547 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-8840 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-20330 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-17531 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-17267 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-16943 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-16942 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-16335 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-14892 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-14540 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-14379 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2018-14719 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2018-14718 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2018-11307 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2017-7658 | Twistlock CVE | Critical | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2017-7657 | Twistlock CVE | Critical | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2017-15095 | Twistlock CVE | Critical | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-10673 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2021-20190 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36189 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36188 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36187 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36186 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36185 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36184 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36183 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36182 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36181 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36180 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-36179 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-24750 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2020-24616 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2018-5968 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2023-44487 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2022-2048 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2021-28165 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2019-14439 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-12086 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2018-12022 | Twistlock CVE | High | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2017-9735 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2017-7656 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2020-25638 | Twistlock CVE | High | org.hibernate_hibernate-core-3.5.5-Final |
CVE-2023-2976 | Twistlock CVE | High | com.google.guava_guava-30.1-jre |
CVE-2020-27216 | Twistlock CVE | High | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2019-14900 | Twistlock CVE | Medium | org.hibernate_hibernate-core-3.5.5-Final |
CVE-2019-12814 | Twistlock CVE | Medium | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2019-12384 | Twistlock CVE | Medium | com.fasterxml.jackson.core_jackson-databind-2.3.3 |
CVE-2023-26049 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2023-26048 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2021-28169 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2019-10247 | Twistlock CVE | Medium | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2021-34428 | Twistlock CVE | Low | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
CVE-2020-8908 | Twistlock CVE | Low | com.google.guava_guava-30.1-jre |
CVE-2022-2047 | Twistlock CVE | Low | org.eclipse.jetty_jetty-io-8.1.15.v20140411 |
VAT: https://vat.dso.mil/vat/image?imageName=ortussolutions/commandbox-lucee5&tag=1.2.0&branch=master
More information can be found in the VAT located here: https://vat.dso.mil/vat/image?imageName=ortussolutions/commandbox-lucee5&tag=1.2.0&branch=master
Tasks
Contributor:
-
Provide justifications for findings in the VAT (docs) -
Apply the StatusVerification label to this issue and wait for feedback
Iron Bank:
-
Review findings and justifications
Note: If the above process is rejected for any reason, the
Verification
label will be removed and the issue will be sent back toOpen
. Any comments will be listed in this issue for you to address. Once they have been addressed, you must re-add theVerification
label.
Questions?
Contact the Iron Bank team by commenting on this issue with your questions or concerns. If you do not receive a response, add /cc @ironbank-notifications/onboarding
.
Additionally, Iron Bank hosts an AMA working session every Wednesday from 1630-1730EST to answer questions.