Skip to content

[Snyk] Security upgrade org.springframework:spring-webmvc from 5.0.2.RELEASE to 5.2.23.RELEASE#1122

Merged
mergify[bot] merged 5 commits intomasterfrom
snyk-fix-7c706b7dc3407f27a6d0a73e5db9d682
Sep 11, 2023
Merged

[Snyk] Security upgrade org.springframework:spring-webmvc from 5.0.2.RELEASE to 5.2.23.RELEASE#1122
mergify[bot] merged 5 commits intomasterfrom
snyk-fix-7c706b7dc3407f27a6d0a73e5db9d682

Conversation

@snyk-bot
Copy link
Copy Markdown

@snyk-bot snyk-bot commented Apr 1, 2023

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • spring-web-modules/spring-mvc-crash/pom.xml

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Upgrade Breaking Change Exploit Maturity Reachability
medium severity 465/1000
Why? Recently disclosed, Has a fix available, CVSS 5.3		 Allocation of Resources Without Limits or Throttling
SNYK-JAVA-ORGSPRINGFRAMEWORK-3369749		 org.springframework:spring-webmvc:
5.0.2.RELEASE -> 5.2.23.RELEASE
No No Known Exploit No Path Found

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling

@restyled-io restyled-io bot mentioned this pull request Apr 1, 2023
Merged
This was referenced Apr 10, 2023
Merged
Merged
restyled-io bot and others added 2 commits September 11, 2023 21:20
@restyled-io @restyled-commits
Restyled by whitespace (#1123)
33069cf 
Co-authored-by: Restyled.io <commits@restyled.io>
@restyled-commits
Restyled by jq
0f74f41
@restyled-io restyled-io bot mentioned this pull request Sep 11, 2023
Merged
mergify bot added 2 commits September 11, 2023 18:22
@mergify
Merge pull request #1229 from Centaurioun/restyled/snyk-fix-7c706b7dc…
5fd13cc 
…3407f27a6d0a73e5db9d682

Restyle [Snyk] Security upgrade org.springframework:spring-webmvc from 5.0.2.RELEASE to 5.2.23.RELEASE
@mergify
Merge branch 'master' into snyk-fix-7c706b7dc3407f27a6d0a73e5db9d682
def8db4
@mergify mergify bot merged commit 924fc82 into master Sep 11, 2023
@mergify mergify bot deleted the snyk-fix-7c706b7dc3407f27a6d0a73e5db9d682 branch September 11, 2023 18:23
@reviewpad reviewpad bot requested a review from Centaurioun September 11, 2023 18:23
@reviewpad reviewpad bot added the small Pull request is small label Sep 11, 2023
@reviewpad
Copy link
Copy Markdown

reviewpad bot commented Sep 11, 2023
edited
Loading

Reviewpad Report

‼️ Errors

Co-authored-by: Restyled.io commits@restyled.io' (33069cf)

Restyle [Snyk] Security upgrade org.springframework:spring-webmvc from 5.0.2.RELEASE to 5.2.23.RELEASE' (5fd13cc)

  • Unconventional commit detected: 'Merge branch 'master' into snyk-fix-7c706b7dc3407f27a6d0a73e5db9d682' (def8db4)
  • Unconventional title detected: '[Snyk] Security upgrade org.springframework:spring-webmvc from 5.0.2.RELEASE to 5.2.23.RELEASE' illegal '[' character in commit message type: col=00

⚠️ Warnings

  • Please link an issue to the pull request
  • Please rebase your pull request on the latest changes

@snyk-bot snyk-bot mentioned this pull request Sep 16, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Centaurioun Centaurioun Awaiting requested review from Centaurioun

Assignees

No one assigned

Labels

small Pull request is small

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@snyk-bot @restyled-commits