[Backport 2.19-dev] Support full expression in WHERE clauses (#3849)#3904
Security Report
2 new vulnerabilities were introduced in this branch.
❌ New vulnerabilities:
| Vulnerability | Severity | Vulnerable Library | Suggested Fix | Issue | |
|---|---|---|---|---|---|
CVE-2025-48924Path to dependency file: /core/build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/commons-lang/commons-lang/2.4/16313e02a793435009f1e458fa4af5d879f6fb11/commons-lang-2.4.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/commons-lang/commons-lang/2.4/16313e02a793435009f1e458fa4af5d879f6fb11/commons-lang-2.4.jar Dependency Hierarchy: -> calcite-testkit-1.38.0.jar (Root Library) -> calcite-core-1.38.0.jar -> aggdesigner-algorithm-6.0.jar -> ❌ commons-lang-2.4.jar (Vulnerable Library) |
5.3 | commons-lang-2.4.jar | Upgrade to version: org.apache.commons:commons-lang3:3.18.0 | None | |
CVE-2025-48924Path to dependency file: /legacy/build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar Dependency Hierarchy: -> ❌ commons-lang3-3.13.0.jar (Vulnerable Library) |
5.3 | commons-lang3-3.13.0.jar | Upgrade to version: org.apache.commons:commons-lang3:3.18.0 | None |
Base branch total remaining vulnerabilities: 0
Base branch commit: 0a07684a3dae7be069b628ae666efaf667295f48
Total libraries scanned: 256
Scan token: dc6915174aed489e8a3e60b73ae130cb