You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Your project are using some dependencies with CVEs. I found the buggy methods of the CVEs are in the program execution path of your project, which makes your project at risk. I suggest a version update to increase the security of your project. Details are listed below:
Some files in your project call the library method org.apache.http.impl.client.HttpClientBuilder.build(), which can reach the buggy method of CVE-2013-4366.
Files in your project:
src/main/java/com/uber/jenkins/phabricator/conduit/ConduitAPIClient.java
Update suggestion: version 4.5.11
4.5.11 is a safe version without CVEs. From 4.3 to 4.5.11, 2 of the APIs (called by 3 times in your project) were modified.
The text was updated successfully, but these errors were encountered:
Your project are using some dependencies with CVEs. I found the buggy methods of the CVEs are in the program execution path of your project, which makes your project at risk. I suggest a version update to increase the security of your project. Details are listed below:
Vulnerable Dependency: org.apache.httpcomponents : httpclient : 4.3
Call Chain to Buggy Methods:
Some files in your project call the library method org.apache.http.impl.client.HttpClientBuilder.build(), which can reach the buggy method of CVE-2013-4366.
src/main/java/com/uber/jenkins/phabricator/conduit/ConduitAPIClient.java
Update suggestion: version 4.5.11
4.5.11 is a safe version without CVEs. From 4.3 to 4.5.11, 2 of the APIs (called by 3 times in your project) were modified.
The text was updated successfully, but these errors were encountered: