{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":127151303,"defaultBranch":"main","name":"oauth1-signer-java","ownerLogin":"Mastercard","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2018-03-28T14:18:24.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/1653148?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1711122951.0","currentOid":""},"activityList":{"items":[{"before":"1f76c82a82fedbdfb3f8efb7e394fd5d76e9a000","after":null,"ref":"refs/heads/ShimonaR-MC-patch-1","pushedAt":"2024-03-22T15:19:18.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"}},{"before":"1f34f415df000d1ade978dfb8ac689e60cdbe657","after":"3913091fb555ced299531a1844f00be0d2cd76c1","ref":"refs/heads/main","pushedAt":"2024-03-22T15:13:05.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"karen-avetisyan-mc","name":null,"path":"/karen-avetisyan-mc","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/117922723?s=80&v=4"},"commit":{"message":"Merge pull request #41 from Mastercard/ShimonaR-MC-patch-1\n\nUpdating version to 1.5.3","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2202673677\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Mastercard/oauth1-signer-java/issues/41\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Mastercard/oauth1-signer-java/pull/41/hovercard\" href=\"https://github.com/Mastercard/oauth1-signer-java/pull/41\">#41</a> from Mastercard/ShimonaR-MC-patch-1"}},{"before":null,"after":"1f76c82a82fedbdfb3f8efb7e394fd5d76e9a000","ref":"refs/heads/ShimonaR-MC-patch-1","pushedAt":"2024-03-22T14:46:04.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"},"commit":{"message":"Updating version to 1.5.3","shortMessageHtmlLink":"Updating version to 1.5.3"}},{"before":"dba57991585827ff78a8f665add2e6630a220e47","after":null,"ref":"refs/heads/spring-web-upgrade","pushedAt":"2024-03-22T13:46:38.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"}},{"before":"43989e3dbde0ea5bfd8bf0444df0110cd8f1eeb0","after":"1f34f415df000d1ade978dfb8ac689e60cdbe657","ref":"refs/heads/main","pushedAt":"2024-03-22T10:47:18.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"},"commit":{"message":"spring-web upgrade to 5.3.33 (#40)\n\n* Update pom.xml\r\n\r\n* Update pom.xml","shortMessageHtmlLink":"spring-web upgrade to 5.3.33 (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2202209431\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Mastercard/oauth1-signer-java/issues/40\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Mastercard/oauth1-signer-java/pull/40/hovercard\" href=\"https://github.com/Mastercard/oauth1-signer-java/pull/40\">#40</a>)"}},{"before":"82651d951d49cfb8662000b7c391612eeb7eda1c","after":"dba57991585827ff78a8f665add2e6630a220e47","ref":"refs/heads/spring-web-upgrade","pushedAt":"2024-03-22T10:30:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"},"commit":{"message":"Update pom.xml","shortMessageHtmlLink":"Update pom.xml"}},{"before":"43989e3dbde0ea5bfd8bf0444df0110cd8f1eeb0","after":"82651d951d49cfb8662000b7c391612eeb7eda1c","ref":"refs/heads/spring-web-upgrade","pushedAt":"2024-03-22T10:22:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"},"commit":{"message":"Update pom.xml","shortMessageHtmlLink":"Update pom.xml"}},{"before":null,"after":"43989e3dbde0ea5bfd8bf0444df0110cd8f1eeb0","ref":"refs/heads/spring-web-upgrade","pushedAt":"2024-03-22T10:19:32.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"},"commit":{"message":"Spring Web vulnerable to Open Redirect or Server Side Request Forgery (#39)\n\nPackage\r\nAffected versions\r\nPatched version\r\norg.springframework:spring-web\r\n(Maven)\r\n>= 5.3.0, < 5.3.32\r\n5.3.32\r\nApplications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks.","shortMessageHtmlLink":"Spring Web vulnerable to Open Redirect or Server Side Request Forgery (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2195296167\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Mastercard/oauth1-signer-java/issues/39\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Mastercard/oauth1-signer-java/pull/39/hovercard\" href=\"https://github.com/Mastercard/oauth1-signer-java/pull/39\">…</a>"}},{"before":"1264c95ae56db91760f618602cd528d01f20d74e","after":"43989e3dbde0ea5bfd8bf0444df0110cd8f1eeb0","ref":"refs/heads/main","pushedAt":"2024-03-22T06:33:31.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"ShimonaR-MC","name":null,"path":"/ShimonaR-MC","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/118438569?s=80&v=4"},"commit":{"message":"Spring Web vulnerable to Open Redirect or Server Side Request Forgery (#39)\n\nPackage\r\nAffected versions\r\nPatched version\r\norg.springframework:spring-web\r\n(Maven)\r\n>= 5.3.0, < 5.3.32\r\n5.3.32\r\nApplications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks.","shortMessageHtmlLink":"Spring Web vulnerable to Open Redirect or Server Side Request Forgery (<a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2195296167\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Mastercard/oauth1-signer-java/issues/39\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Mastercard/oauth1-signer-java/pull/39/hovercard\" href=\"https://github.com/Mastercard/oauth1-signer-java/pull/39\">…</a>"}},{"before":"27e28d30c0c5178deab728d783d82182b6a652ae","after":"004b23d94dc1d3852ffb63c82f0326d3148b630f","ref":"refs/heads/security-issue-springweb","pushedAt":"2024-03-19T15:30:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"karen-avetisyan-mc","name":null,"path":"/karen-avetisyan-mc","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/117922723?s=80&v=4"},"commit":{"message":"Spring Web vulnerable to Open Redirect or Server Side Request Forgery\n\nPackage\r\nAffected versions\r\nPatched version\r\norg.springframework:spring-web\r\n(Maven)\r\n>= 5.3.0, < 5.3.32\r\n5.3.32\r\nApplications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect attack or to a SSRF attack if the URL is used after passing validation checks.","shortMessageHtmlLink":"Spring Web vulnerable to Open Redirect or Server Side Request Forgery"}},{"before":"ed412e119d698a65a336cae6dd41cae75a0050f1","after":"1264c95ae56db91760f618602cd528d01f20d74e","ref":"refs/heads/main","pushedAt":"2024-03-19T15:23:23.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"karen-avetisyan-mc","name":null,"path":"/karen-avetisyan-mc","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/117922723?s=80&v=4"},"commit":{"message":"Merge pull request #38 from Mastercard/security-issue-springweb\n\nFixing Security Vulnerability","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2194715147\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Mastercard/oauth1-signer-java/issues/38\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Mastercard/oauth1-signer-java/pull/38/hovercard\" href=\"https://github.com/Mastercard/oauth1-signer-java/pull/38\">#38</a> from Mastercard/security-issue-springweb"}},{"before":"1ab2cb08aa3e8763438d6ee3f89d754c00b3aea0","after":"27e28d30c0c5178deab728d783d82182b6a652ae","ref":"refs/heads/security-issue-springweb","pushedAt":"2024-03-19T11:35:17.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"karen-avetisyan-mc","name":null,"path":"/karen-avetisyan-mc","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/117922723?s=80&v=4"},"commit":{"message":"Fixing Security Vulnerability\n\nSpring Framework URL Parsing with Host Validation Vulnerability\nspring-web from 5.2.8.RELEASE to 5.3.3","shortMessageHtmlLink":"Fixing Security Vulnerability"}},{"before":null,"after":"1ab2cb08aa3e8763438d6ee3f89d754c00b3aea0","ref":"refs/heads/security-issue-springweb","pushedAt":"2024-03-19T11:29:04.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"karen-avetisyan-mc","name":null,"path":"/karen-avetisyan-mc","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/117922723?s=80&v=4"},"commit":{"message":"Fixing Security Vulnerability\n\nSpring Framework URL Parsing with Host Validation Vulnerability\nspring-web from 5.2.8.RELEASE to 6.0.0","shortMessageHtmlLink":"Fixing Security Vulnerability"}},{"before":"7f5016abc6735795dcd9bc2f7fb3b62369ef7821","after":"ed412e119d698a65a336cae6dd41cae75a0050f1","ref":"refs/heads/main","pushedAt":"2024-02-29T16:33:38.000Z","pushType":"pr_merge","commitsCount":6,"pusher":{"login":"rfeelin","name":null,"path":"/rfeelin","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3427219?s=80&v=4"},"commit":{"message":"Merge pull request #36 from rfeelin/main\n\nFixing Sonar and Github action issues","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2161609649\" data-permission-text=\"Title is private\" data-url=\"https://github.com/Mastercard/oauth1-signer-java/issues/36\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/Mastercard/oauth1-signer-java/pull/36/hovercard\" href=\"https://github.com/Mastercard/oauth1-signer-java/pull/36\">#36</a> from rfeelin/main"}},{"before":"f63b25f4d00ac1e87fbdeb4eec6ebcad692f3d5c","after":null,"ref":"refs/heads/feature/test-sonar","pushedAt":"2024-02-29T12:02:08.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"rfeelin","name":null,"path":"/rfeelin","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3427219?s=80&v=4"}},{"before":"0eb862373f40f276a1e034773159f665466f5e68","after":"f63b25f4d00ac1e87fbdeb4eec6ebcad692f3d5c","ref":"refs/heads/feature/test-sonar","pushedAt":"2024-02-29T11:57:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"rfeelin","name":null,"path":"/rfeelin","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3427219?s=80&v=4"},"commit":{"message":"Update SecurityUtils.java","shortMessageHtmlLink":"Update SecurityUtils.java"}},{"before":"7bbcfaef75a780c5acce2236673d642ba059c969","after":"7f5016abc6735795dcd9bc2f7fb3b62369ef7821","ref":"refs/heads/main","pushedAt":"2024-02-29T11:56:53.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"rfeelin","name":null,"path":"/rfeelin","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3427219?s=80&v=4"},"commit":{"message":"Update README.md","shortMessageHtmlLink":"Update README.md"}},{"before":"0eb862373f40f276a1e034773159f665466f5e68","after":"7bbcfaef75a780c5acce2236673d642ba059c969","ref":"refs/heads/main","pushedAt":"2024-02-29T11:54:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"rfeelin","name":null,"path":"/rfeelin","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3427219?s=80&v=4"},"commit":{"message":"Update README.md","shortMessageHtmlLink":"Update README.md"}},{"before":null,"after":"0eb862373f40f276a1e034773159f665466f5e68","ref":"refs/heads/feature/test-sonar","pushedAt":"2024-02-29T11:53:45.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"rfeelin","name":null,"path":"/rfeelin","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/3427219?s=80&v=4"},"commit":{"message":"Update README.md","shortMessageHtmlLink":"Update README.md"}},{"before":"7a5e5dd5b710c659f1296ae1c24ae0ecab38e091","after":"0eb862373f40f276a1e034773159f665466f5e68","ref":"refs/heads/main","pushedAt":"2024-01-19T12:01:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"danny-gallagher","name":null,"path":"/danny-gallagher","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/50239900?s=80&v=4"},"commit":{"message":"Update README.md","shortMessageHtmlLink":"Update README.md"}},{"before":"9eba3c98fe49e407885baeebd3c1f12f6bef02e3","after":null,"ref":"refs/heads/dependabot/maven/org.springframework-spring-web-6.0.0","pushedAt":"2023-05-25T15:15:33.599Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":"a49928e0d3ee1f96db926d3636db9eb4309f57e6","after":"9eba3c98fe49e407885baeebd3c1f12f6bef02e3","ref":"refs/heads/dependabot/maven/org.springframework-spring-web-6.0.0","pushedAt":"2023-05-25T15:06:24.825Z","pushType":"push","commitsCount":1,"pusher":{"login":"joseph-neeraj","name":null,"path":"/joseph-neeraj","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2377574?s=80&v=4"},"commit":{"message":"re-trigger checks","shortMessageHtmlLink":"re-trigger checks"}}],"hasNextPage":false,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEHOGG-gA","startCursor":null,"endCursor":null}},"title":"Activity · Mastercard/oauth1-signer-java"}