Increment version to 2.16.1-SNAPSHOT (#2817)
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2024-7254Path to dependency file: /common/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/com.google.protobuf/protobuf-java/3.22.3/fdee98b8f6abab73f146a4edb4c09e56f8278d03/protobuf-java-3.22.3.jar Dependency Hierarchy: -> opensearch-2.16.1-SNAPSHOT.jar (Root Library) -> ❌ protobuf-java-3.22.3.jar (Vulnerable Library) |
 High |
7.5 | protobuf-java-3.22.3.jar | Upgrade to version: com.google.protobuf:protobuf-javalite - 3.25.5,4.28.2,4.27.5;com.google.protobuf:protobuf-java - 4.27.5,3.25.5,4.28.2 | None |
CVE-2023-4218Path to dependency file: /plugin/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.eclipse.platform/org.eclipse.core.runtime/3.26.100/83c77ee0cfc948ea33f5054dda3f5c39250a7ed5/org.eclipse.core.runtime-3.26.100.jar Dependency Hierarchy: -> ❌ org.eclipse.core.runtime-3.26.100.jar (Vulnerable Library) |
 Medium |
5.0 | org.eclipse.core.runtime-3.26.100.jar | Upgrade to version: org.eclipse.core.runtime:3.29.0 | #1863 |
Base branch total remaining vulnerabilities: 1
Base branch commit: f4b472480390805e0a24de46d9781a665cfb6184
Total libraries scanned: 241
Scan token: 88f72fe36f7340a683ca5b9ea1a32fbb