Vulnerable dependencies #216

Open
freedom1b2830 opened this issue Dec 30, 2022 · 0 comments

useful tools:
https://github.com/google/osv-scanner

mvn versions:display-dependency-updates
mvn versions:display-plugin-updates

dependencies:

GHSA-269g-pwp5-87pp
GHSA-cj7v-27pg-wf7q
GHSA-26vr-8j45-3r4w


https://osv.dev/vulnerability/GHSA-269g-pwp5-87pp  junit:junit                   4.12             bt/bt-dht/the8472/mldht/pom.xml
https://osv.dev/vulnerability/GHSA-cj7v-27pg-wf7q  org.eclipse.jetty:jetty-http  8.2.0.v20160908  bt/bt-upnp/pom.xml
https://osv.dev/vulnerability/GHSA-26vr-8j45-3r4w  org.eclipse.jetty:jetty-io    8.2.0.v20160908  bt/bt-upnp/pom.xml

Other dependencies (there are new versions, there is no information about the vulnerability):

Be careful with jetty, it's hard to update it)
https://www.eclipse.org/jetty/security_reports.php

all:

----------------< com.github.atomashpolskiy:bt-parent >-----------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6

---------------< com.github.atomashpolskiy:bt-bencoding >---------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
org.yaml:snakeyaml ...................................... 1.17 -> 1.33
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.yaml:snakeyaml ...................................... 1.17 -> 1.33

-----------------< com.github.atomashpolskiy:bt-core >------------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6

----------< com.github.atomashpolskiy:bt-http-tracker-client >----------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.apache.httpcomponents:httpclient ................ 4.5.13 -> 4.5.14
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
junit:junit ........................................... 4.12 -> 4.13.2
org.apache.httpcomponents:httpclient ................ 4.5.13 -> 4.5.14
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta

------------------------< mldht.core:libmldht >-------------------------
junit:junit ........................................... 4.12 -> 4.13.2
net.i2p.crypto:eddsa .................................. 0.2.0 -> 0.3.0
org.codehaus.plexus:plexus-compiler-eclipse ............ 2.5 -> 2.13.0



-----------------< com.github.atomashpolskiy:bt-tests >-----------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6

--------------< com.github.atomashpolskiy:bt-dht-parent >---------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6

------------------< com.github.atomashpolskiy:bt-dht >------------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6

-----------------< com.github.atomashpolskiy:bt-upnp >------------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
org.eclipse.jetty:jetty-client ...... 8.2.0.v20160908 -> 12.0.0.alpha3
org.eclipse.jetty:jetty-http ........ 8.2.0.v20160908 -> 12.0.0.alpha3
org.eclipse.jetty:jetty-io .......... 8.2.0.v20160908 -> 12.0.0.alpha3
org.eclipse.jetty:jetty-servlet ........... 8.2.0.v20160908 -> 11.0.13
org.eclipse.jetty:jetty-util ........ 8.2.0.v20160908 -> 12.0.0.alpha3

------------------< com.github.atomashpolskiy:bt-cli >------------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
com.googlecode.lanterna:lanterna ............... 3.1.1 -> 3.2.0-alpha1
net.sf.jopt-simple:jopt-simple .................. 5.0.2 -> 6.0-alpha-3
org.apache.logging.log4j:log4j-core ................. 2.17.0 -> 2.19.0
org.apache.logging.log4j:log4j-slf4j-impl ........... 2.17.0 -> 2.19.0
org.slf4j:jul-to-slf4j ............................... 1.7.32 -> 2.0.6

-----------------< com.github.atomashpolskiy:examples >-----------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
org.apache.logging.log4j:log4j-core ................. 2.17.0 -> 2.19.0
org.apache.logging.log4j:log4j-slf4j-impl ........... 2.17.0 -> 2.19.0

--------------< com.github.atomashpolskiy:jacoco-report >---------------
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6

summary info:

com.googlecode.lanterna:lanterna ............... 3.1.1 -> 3.2.0-alpha1
com.google.guava:guava .......................... 30.1-jre -> 31.1-jre
com.google.inject:guice ............................... 5.0.1 -> 5.1.0
com.google.jimfs:jimfs .................................... 1.1 -> 1.2
junit:junit ........................................... 4.12 -> 4.13.2
net.i2p.crypto:eddsa .................................. 0.2.0 -> 0.3.0
net.sf.jopt-simple:jopt-simple .................. 5.0.2 -> 6.0-alpha-3
org.apache.httpcomponents:httpclient ................ 4.5.13 -> 4.5.14
org.apache.logging.log4j:log4j-core ................. 2.17.0 -> 2.19.0
org.apache.logging.log4j:log4j-slf4j-impl ........... 2.17.0 -> 2.19.0
org.codehaus.plexus:plexus-compiler-eclipse ............ 2.5 -> 2.13.0
org.eclipse.jetty:jetty-client ...... 8.2.0.v20160908 -> 12.0.0.alpha3
org.eclipse.jetty:jetty-http ........ 8.2.0.v20160908 -> 12.0.0.alpha3
org.eclipse.jetty:jetty-io .......... 8.2.0.v20160908 -> 12.0.0.alpha3
org.eclipse.jetty:jetty-servlet ........... 8.2.0.v20160908 -> 11.0.13
org.eclipse.jetty:jetty-util ........ 8.2.0.v20160908 -> 12.0.0.alpha3
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.slf4j:jul-to-slf4j ............................... 1.7.32 -> 2.0.6
org.slf4j:slf4j-api .................................. 1.7.32 -> 2.0.6
org.slf4j:slf4j-simple ............................... 1.7.32 -> 2.0.6
org.yaml:snakeyaml ...................................... 1.17 -> 1.33
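
An added example, not part of the original issue: a Python sketch that collapses the per-module `versions:display-dependency-updates` output above into one entry per dependency and flags suggested targets that are pre-releases (such as `12.0.0.alpha3`), which should not be adopted as a security fix without review. The function names and the pre-release qualifier list are assumptions; the sample lines are excerpted from the output in this issue.

```python
import re

# Excerpt of the plugin output quoted in this issue (two modules).
SAMPLE = """\
-----------------< com.github.atomashpolskiy:bt-upnp >------------------
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.eclipse.jetty:jetty-http ........ 8.2.0.v20160908 -> 12.0.0.alpha3
org.eclipse.jetty:jetty-servlet ........... 8.2.0.v20160908 -> 11.0.13

------------------< com.github.atomashpolskiy:bt-cli >------------------
junit:junit ........................................... 4.12 -> 4.13.2
org.mockito:mockito-all ........................ 1.10.19 -> 2.0.2-beta
org.apache.logging.log4j:log4j-core ................. 2.17.0 -> 2.19.0
"""

# Module banner: "-----< group:artifact >-----"
BANNER = re.compile(r"^-+<\s*(\S+)\s*>-+$")
# Update line: "group:artifact ..... current -> newest"
LINE = re.compile(r"^([\w.\-]+:[\w.\-]+)\s+\.+\s+(\S+)\s+->\s+(\S+)$")
# Assumed pre-release qualifiers: alpha, beta, rc, and milestones like M1.
PRERELEASE = re.compile(r"(?i)[.\-](?:(?:alpha|beta|rc)[.\-]?\d*|m\d+)$")


def summarize(report):
    """Return {group:artifact: {current, newest, modules, prerelease}}."""
    deps, module = {}, None
    for raw in report.splitlines():
        # Raw Maven console output prefixes each line with "[INFO]".
        text = re.sub(r"^\[INFO\]\s*", "", raw.strip())
        banner = BANNER.match(text)
        if banner:
            module = banner.group(1)
            continue
        m = LINE.match(text)
        if not m:
            continue  # blank lines and anything that is not an update line
        ga, current, newest = m.groups()
        entry = deps.setdefault(ga, {"current": set(), "modules": set()})
        entry["current"].add(current)
        entry["modules"].add(module)
        entry["newest"] = newest
        entry["prerelease"] = bool(PRERELEASE.search(newest))
    return deps


def prerelease_targets(deps):
    """Dependencies whose suggested version is a pre-release build."""
    return sorted(ga for ga, e in deps.items() if e["prerelease"])
```
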