Remove labels arg for closing GH issue (#531)
Security Report
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2022-43406Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins.workflow/workflow-cps-global-lib/570.v21311f4951f8/2f4e26a941657bf9e3af9d9a29194a38112cca6a/workflow-cps-global-lib-570.v21311f4951f8.jar Dependency Hierarchy: -> ❌ workflow-cps-global-lib-570.v21311f4951f8.jar (Vulnerable Library) |
 Critical |
9.9 | workflow-cps-global-lib-570.v21311f4951f8.jar | Upgrade to version: io.jenkins.plugins:pipeline-groovy-lib:613.v9c41a_160233f | #62 |
CVE-2022-43405Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins.workflow/workflow-cps-global-lib/570.v21311f4951f8/2f4e26a941657bf9e3af9d9a29194a38112cca6a/workflow-cps-global-lib-570.v21311f4951f8.jar Dependency Hierarchy: -> ❌ workflow-cps-global-lib-570.v21311f4951f8.jar (Vulnerable Library) |
Critical |
9.9 | workflow-cps-global-lib-570.v21311f4951f8.jar | Upgrade to version: io.jenkins.plugins:pipeline-groovy-lib:613.v9c41a_160233f | #62 |
CVE-2022-45047Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-core-2.5.1.jar (Vulnerable Library) |
Critical |
9.8 | sshd-core-2.5.1.jar | Upgrade to version: org.apache.sshd:sshd-core:2.9.2;org.apache.sshd:sshd-common:2.9.2;org.apache.sshd:sshd-osgi:2.9.2 | #74 |
CVE-2022-45047Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-common/2.5.1/a93d53383d602ad27f7fda5a6d6450a68729b804/sshd-common-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-common-2.5.1.jar (Vulnerable Library) |
Critical |
9.8 | sshd-common-2.5.1.jar | Upgrade to version: org.apache.sshd:sshd-core:2.9.2;org.apache.sshd:sshd-common:2.9.2;org.apache.sshd:sshd-osgi:2.9.2 | #60 |
CVE-2016-1000027Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> spring-security-web-5.8.7.jar -> ❌ spring-web-5.3.29.jar (Vulnerable Library) |
Critical |
9.8 | spring-web-5.3.29.jar | Upgrade to version: org.springframework:spring-web:6.0.0 | #437 |
CVE-2022-37865Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.5.0/7cd93e73e91acb868717ebf2410f966f53ae5897/ivy-2.5.0.jar Dependency Hierarchy: -> ❌ ivy-2.5.0.jar (Vulnerable Library) |
Critical |
9.1 | ivy-2.5.0.jar | Upgrade to version: org.apache.ivy:ivy:2.5.1 | #76 |
CVE-2022-37865Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.4.0/5abe4c24bbe992a9ac07ca563d5bd3e8d569e9ed/ivy-2.4.0.jar Dependency Hierarchy: -> ❌ ivy-2.4.0.jar (Vulnerable Library) |
Critical |
9.1 | ivy-2.4.0.jar | Upgrade to version: org.apache.ivy:ivy:2.5.1 | #72 |
CVE-2024-43044Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.main/jenkins-core/2.426.3/eee94c4c0c78e715d2a599eb66a5a89c5eed9d18/jenkins-core-2.426.3.jar Dependency Hierarchy: -> ❌ jenkins-core-2.426.3.jar (Vulnerable Library) |
 High |
8.8 | jenkins-core-2.426.3.jar | Upgrade to version: org.jenkins-ci.main:jenkins-core:2.452.4,2.462.1,2.471 | #437 |
CVE-2024-34145Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/script-security/1229.v4880b_b_e905a_6/6d8dfb75093b8b8973af431a5fb129a91ce87525/script-security-1229.v4880b_b_e905a_6.jar Dependency Hierarchy: -> ❌ script-security-1229.v4880b_b_e905a_6.jar (Vulnerable Library) |
High |
8.8 | script-security-1229.v4880b_b_e905a_6.jar | Upgrade to version: org.jenkins-ci.plugins:script-security:1336.vf33a_a_9863911 | #421 |
CVE-2024-34144Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/script-security/1229.v4880b_b_e905a_6/6d8dfb75093b8b8973af431a5fb129a91ce87525/script-security-1229.v4880b_b_e905a_6.jar Dependency Hierarchy: -> ❌ script-security-1229.v4880b_b_e905a_6.jar (Vulnerable Library) |
High |
8.8 | script-security-1229.v4880b_b_e905a_6.jar | Upgrade to version: org.jenkins-ci.plugins:script-security:1336.vf33a_a_9863911 | #421 |
CVE-2023-4759Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.jgit/org.eclipse.jgit/5.13.0.202109080827-r/32badd5adebd660424509344259ad3e409699ba2/org.eclipse.jgit-5.13.0.202109080827-r.jar Dependency Hierarchy: -> ❌ org.eclipse.jgit-5.13.0.202109080827-r.jar (Vulnerable Library) |
High |
8.8 | org.eclipse.jgit-5.13.0.202109080827-r.jar | Upgrade to version: org.eclipse.jgit:org.eclipse.jgit:6.6.1.202309021850-r | #311 |
CVE-2023-40336Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/cloudbees-folder/6.16/53b5e0e56eb9041b71922bed842689c948bce5f9/cloudbees-folder-6.16.jar Dependency Hierarchy: -> ❌ cloudbees-folder-6.16.jar (Vulnerable Library) |
High |
8.8 | cloudbees-folder-6.16.jar | Upgrade to version: org.jenkins-ci.plugins:cloudbees-folder:6.848.ve3b_fd7839a_81 | #283 |
CVE-2022-1471Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar Dependency Hierarchy: -> ❌ snakeyaml-1.29.jar (Vulnerable Library) |
High |
8.3 | snakeyaml-1.29.jar | Upgrade to version: org.yaml:snakeyaml:2.0 | #69 |
CVE-2024-22257Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework.security/spring-security-core/5.8.7/916c9b391ef6e606806dbe2fc9c8b4ff5a853cdf/spring-security-core-5.8.7.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> spring-security-web-5.8.7.jar -> ❌ spring-security-core-5.8.7.jar (Vulnerable Library) |
High |
8.2 | spring-security-core-5.8.7.jar | Upgrade to version: org.springframework.security:spring-security-core:5.7.12,5.8.11,6.1.8,6.2.3 | #437 |
CVE-2022-46751Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.5.0/7cd93e73e91acb868717ebf2410f966f53ae5897/ivy-2.5.0.jar Dependency Hierarchy: -> ❌ ivy-2.5.0.jar (Vulnerable Library) |
High |
8.2 | ivy-2.5.0.jar | Upgrade to version: org.apache.ivy:ivy:2.5.2 | #76 |
CVE-2022-46751Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.4.0/5abe4c24bbe992a9ac07ca563d5bd3e8d569e9ed/ivy-2.4.0.jar Dependency Hierarchy: -> ❌ ivy-2.4.0.jar (Vulnerable Library) |
High |
8.2 | ivy-2.4.0.jar | Upgrade to version: org.apache.ivy:ivy:2.5.2 | #72 |
CVE-2024-25710Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> ❌ commons-compress-1.24.0.jar (Vulnerable Library) |
High |
8.1 | commons-compress-1.24.0.jar | Upgrade to version: org.apache.commons:commons-compress:1.26.0 | #437 |
CVE-2024-22262Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> spring-security-web-5.8.7.jar -> ❌ spring-web-5.3.29.jar (Vulnerable Library) |
High |
8.1 | spring-web-5.3.29.jar | Upgrade to version: org.springframework:spring-web:5.3.34;6.0.19,6.1.6 | #437 |
CVE-2024-22259Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> spring-security-web-5.8.7.jar -> ❌ spring-web-5.3.29.jar (Vulnerable Library) |
High |
8.1 | spring-web-5.3.29.jar | Upgrade to version: org.springframework:spring-web:5.3.33,6.0.18,6.1.5 | #437 |
CVE-2024-22243Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> spring-security-web-5.8.7.jar -> ❌ spring-web-5.3.29.jar (Vulnerable Library) |
High |
8.1 | spring-web-5.3.29.jar | Upgrade to version: org.springframework:spring-web:5.3.32,6.0.17,6.1.4 | #437 |
CVE-2024-47554Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/commons-io/commons-io/2.13.0/8bb2bc9b4df17e2411533a0708a69f983bf5e83b/commons-io-2.13.0.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> ❌ commons-io-2.13.0.jar (Vulnerable Library) |
High |
7.5 | commons-io-2.13.0.jar | Upgrade to version: commons-io:commons-io:2.14.0 | #437 |
CVE-2023-5072Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.json/json/20190722/7bce7bacf0ab5e9f894d307a3de8b7f540064d5/json-20190722.jar Dependency Hierarchy: -> ❌ json-20190722.jar (Vulnerable Library) |
High |
7.5 | json-20190722.jar | Upgrade to version: org.json:json:20231013 | #203 |
CVE-2022-45688Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.json/json/20190722/7bce7bacf0ab5e9f894d307a3de8b7f540064d5/json-20190722.jar Dependency Hierarchy: -> ❌ json-20190722.jar (Vulnerable Library) |
High |
7.5 | json-20190722.jar | Upgrade to version: org.json:json:20230227 | #203 |
CVE-2022-37866Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.5.0/7cd93e73e91acb868717ebf2410f966f53ae5897/ivy-2.5.0.jar Dependency Hierarchy: -> ❌ ivy-2.5.0.jar (Vulnerable Library) |
High |
7.5 | ivy-2.5.0.jar | Upgrade to version: org.apache.ivy:ivy:2.5.1 | #76 |
CVE-2022-37866Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.ivy/ivy/2.4.0/5abe4c24bbe992a9ac07ca563d5bd3e8d569e9ed/ivy-2.4.0.jar Dependency Hierarchy: -> ❌ ivy-2.4.0.jar (Vulnerable Library) |
High |
7.5 | ivy-2.4.0.jar | Upgrade to version: org.apache.ivy:ivy:2.5.1 | #72 |
CVE-2022-25857Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar Dependency Hierarchy: -> ❌ snakeyaml-1.29.jar (Vulnerable Library) |
High |
7.5 | snakeyaml-1.29.jar | Upgrade to version: org.yaml:snakeyaml:1.31 | #69 |
CVE-2024-23899Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/git-server/1.10/e24b71bfe330ea7cfbc1ecc1e1cfa35ebc1e9956/git-server-1.10.jar Dependency Hierarchy: -> ❌ git-server-1.10.jar (Vulnerable Library) |
 Medium |
6.5 | git-server-1.10.jar | Upgrade to version: org.jenkins-ci.plugins:git-server:99.101.v720e86326c09 | #370 |
CVE-2022-40152Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.fasterxml.woodstox/woodstox-core/6.3.1/bf29b07ca4dd81ef3c0bc18c8bd5617510a81c5d/woodstox-core-6.3.1.jar Dependency Hierarchy: -> ❌ woodstox-core-6.3.1.jar (Vulnerable Library) |
Medium |
6.5 | woodstox-core-6.3.1.jar | Upgrade to version: com.fasterxml.woodstox:woodstox-core:5.4.0,6.4.0 | #129 |
CVE-2022-38752Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar Dependency Hierarchy: -> ❌ snakeyaml-1.29.jar (Vulnerable Library) |
Medium |
6.5 | snakeyaml-1.29.jar | Upgrade to version: org.yaml:snakeyaml:1.32 | #69 |
CVE-2022-38751Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar Dependency Hierarchy: -> ❌ snakeyaml-1.29.jar (Vulnerable Library) |
Medium |
6.5 | snakeyaml-1.29.jar | Upgrade to version: org.yaml:snakeyaml:1.31 | #69 |
CVE-2022-38750Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar Dependency Hierarchy: -> ❌ snakeyaml-1.29.jar (Vulnerable Library) |
Medium |
6.5 | snakeyaml-1.29.jar | Upgrade to version: org.yaml:snakeyaml:1.31 | #69 |
CVE-2022-38749Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar Dependency Hierarchy: -> ❌ snakeyaml-1.29.jar (Vulnerable Library) |
Medium |
6.5 | snakeyaml-1.29.jar | Upgrade to version: org.yaml:snakeyaml:1.31 | #69 |
CVE-2021-30129Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-core-2.5.1.jar (Vulnerable Library) |
Medium |
6.5 | sshd-core-2.5.1.jar | Upgrade to version: org.apache.sshd:sshd-core:2.7.0 | #74 |
CVE-2024-43045Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.main/jenkins-core/2.426.3/eee94c4c0c78e715d2a599eb66a5a89c5eed9d18/jenkins-core-2.426.3.jar Dependency Hierarchy: -> ❌ jenkins-core-2.426.3.jar (Vulnerable Library) |
Medium |
6.3 | jenkins-core-2.426.3.jar | Upgrade to version: org.jenkins-ci.main:jenkins-core:2.452.4,2.462.1,2.471 | #437 |
CVE-2024-41909Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-core-2.5.1.jar (Vulnerable Library) |
Medium |
5.9 | sshd-core-2.5.1.jar | Upgrade to version: org.apache.sshd:sshd-common:2.12.0, org.apache.sshd:sshd-core:2.12.0 | #74 |
CVE-2024-41909Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-common/2.5.1/a93d53383d602ad27f7fda5a6d6450a68729b804/sshd-common-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-common-2.5.1.jar (Vulnerable Library) |
Medium |
5.9 | sshd-common-2.5.1.jar | Upgrade to version: org.apache.sshd:sshd-common:2.12.0, org.apache.sshd:sshd-core:2.12.0 | #60 |
CVE-2023-48795Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-core-2.5.1.jar (Vulnerable Library) |
Medium |
5.9 | sshd-core-2.5.1.jar | Upgrade to version: putty - 0.80, openssh - V_9_6_P1, golang/crypto - v0.17.0, asyncssh - 2.14.2, libssh-0.9.8, libssh-0.10.6, teraterm - v5.1, paramiko - 3.4.0, russh - 0.40.2, com.github.mwiede:jsch:0.2.15, proftpd - v1.3.8b, thrussh - 0.35.1, teraterm - v5.1, org.connectbot:sshlib:2.2.22, mscdex/ssh2 - 1.15.0, jtesta/ssh-audit - v3.1.0, Oryx-Embedded/CycloneSSH - v2.3.4, opnsense/src - 23.7, winscp - 6.2.2, PowerShell/openssh-portable - v9.5.0.0 | #74 |
CVE-2023-48795Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-common/2.5.1/a93d53383d602ad27f7fda5a6d6450a68729b804/sshd-common-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-common-2.5.1.jar (Vulnerable Library) |
Medium |
5.9 | sshd-common-2.5.1.jar | Upgrade to version: putty - 0.80, openssh - V_9_6_P1, golang/crypto - v0.17.0, asyncssh - 2.14.2, libssh-0.9.8, libssh-0.10.6, teraterm - v5.1, paramiko - 3.4.0, russh - 0.40.2, com.github.mwiede:jsch:0.2.15, proftpd - v1.3.8b, thrussh - 0.35.1, teraterm - v5.1, org.connectbot:sshlib:2.2.22, mscdex/ssh2 - 1.15.0, jtesta/ssh-audit - v3.1.0, Oryx-Embedded/CycloneSSH - v2.3.4, opnsense/src - 23.7, winscp - 6.2.2, PowerShell/openssh-portable - v9.5.0.0 | #60 |
CVE-2022-41854Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.yaml/snakeyaml/1.29/6d0cdafb2010f1297e574656551d7145240f6e25/snakeyaml-1.29.jar Dependency Hierarchy: -> ❌ snakeyaml-1.29.jar (Vulnerable Library) |
Medium |
5.8 | snakeyaml-1.29.jar | Upgrade to version: org.yaml:snakeyaml:1.32 | #69 |
CVE-2024-26308Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-compress/1.24.0/b4b1b5a3d9573b2970fddab236102c0a4d27d35e/commons-compress-1.24.0.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> ❌ commons-compress-1.24.0.jar (Vulnerable Library) |
Medium |
5.5 | commons-compress-1.24.0.jar | Upgrade to version: org.apache.commons:commons-compress:1.26.0 | #437 |
CVE-2022-4065Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.testng/testng/7.5/1416a607fae667c14e390b484e8d02b5824c0674/testng-7.5.jar Dependency Hierarchy: -> groovy-all-3.0.15-groovydoc.jar (Root Library) -> groovy-testng-3.0.15.jar -> ❌ testng-7.5.jar (Vulnerable Library) |
Medium |
5.5 | testng-7.5.jar | Upgrade to version: org.testng:testng:7.7.0 | #224 |
CVE-2024-38809Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-web/5.3.29/4cd333e48d9a05d05c05ae7426242ecfe4cfb681/spring-web-5.3.29.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> spring-security-web-5.8.7.jar -> ❌ spring-web-5.3.29.jar (Vulnerable Library) |
Medium |
5.3 | spring-web-5.3.29.jar | Upgrade to version: org.springframework:spring-web:5.3.38,6.0.23,6.1.12 | #437 |
CVE-2024-34146Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/git-server/1.10/e24b71bfe330ea7cfbc1ecc1e1cfa35ebc1e9956/git-server-1.10.jar Dependency Hierarchy: -> ❌ git-server-1.10.jar (Vulnerable Library) |
Medium |
5.3 | git-server-1.10.jar | Upgrade to version: org.jenkins-ci.plugins:git-server:117.veb_68868fa_027 | #370 |
CVE-2023-35887Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-core/2.5.1/cc0e3cdb1e983211f94e4dffa40c0189e330aac3/sshd-core-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-core-2.5.1.jar (Vulnerable Library) |
Medium |
5.0 | sshd-core-2.5.1.jar | Upgrade to version: org.apache.sshd:sshd-core:2.10.0, org.apache.sshd:sshd-common:2.10.0, org.apache.sshd:sshd-sftp:2.10.0, org.apache.sshd:sshd-osgi:2.10.0 | #74 |
CVE-2023-35887Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.sshd/sshd-common/2.5.1/a93d53383d602ad27f7fda5a6d6450a68729b804/sshd-common-2.5.1.jar Dependency Hierarchy: -> ❌ sshd-common-2.5.1.jar (Vulnerable Library) |
Medium |
5.0 | sshd-common-2.5.1.jar | Upgrade to version: org.apache.sshd:sshd-core:2.10.0, org.apache.sshd:sshd-common:2.10.0, org.apache.sshd:sshd-sftp:2.10.0, org.apache.sshd:sshd-osgi:2.10.0 | #60 |
CVE-2024-47805Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/credentials/1112.vc87b_7a_3597f6/9e0445995dd060a789793f254d8fdccc01bf398a/credentials-1112.vc87b_7a_3597f6.jar Dependency Hierarchy: -> ❌ credentials-1112.vc87b_7a_3597f6.jar (Vulnerable Library) |
Medium |
4.3 | credentials-1112.vc87b_7a_3597f6.jar | Upgrade to version: org.jenkins-ci.plugins:credentials:1381.v2c3a_12074da_b_ | #518 |
CVE-2024-47804Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.main/jenkins-core/2.426.3/eee94c4c0c78e715d2a599eb66a5a89c5eed9d18/jenkins-core-2.426.3.jar Dependency Hierarchy: -> ❌ jenkins-core-2.426.3.jar (Vulnerable Library) |
Medium |
4.3 | jenkins-core-2.426.3.jar | Upgrade to version: org.jenkins-ci.main:jenkins-core:2.462.3,2.479 | #437 |
CVE-2024-47803Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.main/jenkins-core/2.426.3/eee94c4c0c78e715d2a599eb66a5a89c5eed9d18/jenkins-core-2.426.3.jar Dependency Hierarchy: -> ❌ jenkins-core-2.426.3.jar (Vulnerable Library) |
Medium |
4.3 | jenkins-core-2.426.3.jar | Upgrade to version: org.jenkins-ci.main:jenkins-core:2.462.3,2.479 | #437 |
CVE-2024-38808Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.springframework/spring-expression/5.3.29/44ac795a057c4a6360063801c54a2d148e5a2808/spring-expression-5.3.29.jar Dependency Hierarchy: -> jenkins-core-2.426.3.jar (Root Library) -> spring-security-web-5.8.7.jar -> ❌ spring-expression-5.3.29.jar (Vulnerable Library) |
Medium |
4.3 | spring-expression-5.3.29.jar | Upgrade to version: org.springframework:spring-expression:5.3.39 | #437 |
CVE-2023-40338Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/cloudbees-folder/6.16/53b5e0e56eb9041b71922bed842689c948bce5f9/cloudbees-folder-6.16.jar Dependency Hierarchy: -> ❌ cloudbees-folder-6.16.jar (Vulnerable Library) |
Medium |
4.3 | cloudbees-folder-6.16.jar | Upgrade to version: org.jenkins-ci.plugins:cloudbees-folder:6.848.ve3b_fd7839a_81 | #283 |
CVE-2023-40337Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/cloudbees-folder/6.16/53b5e0e56eb9041b71922bed842689c948bce5f9/cloudbees-folder-6.16.jar Dependency Hierarchy: -> ❌ cloudbees-folder-6.16.jar (Vulnerable Library) |
Medium |
4.3 | cloudbees-folder-6.16.jar | Upgrade to version: org.jenkins-ci.plugins:cloudbees-folder:6.848.ve3b_fd7839a_81 | #283 |
CVE-2024-39458Path to dependency file: /build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.jenkins-ci.plugins/structs/324.va_f5d6774f3a_d/339785cad419455d387faa8332e419d0c70874f7/structs-324.va_f5d6774f3a_d.jar Dependency Hierarchy: -> ❌ structs-324.va_f5d6774f3a_d.jar (Vulnerable Library) |
 Low |
3.1 | structs-324.va_f5d6774f3a_d.jar | Upgrade to version: org.jenkins-ci.plugins:structs:338.v848422169819 | #453 |
Total libraries scanned: 296
Scan token: ba4086f74e7845f8932a56ed6a869b51