[Snyk] Security upgrade com.cloudera.oryx:oryx-api from 2.7.0-SNAPSHOT to 2.8.0 #312
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Has a fix available, CVSS 3.3
SNYK-JAVA-COMGOOGLEGUAVA-1015415
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-COMGOOGLEGUAVA-32236
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 3.3
SNYK-JAVA-COMGOOGLEGUAVA-5710356
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 8.8
SNYK-JAVA-COMGOOGLEPROTOBUF-173761
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-COMGOOGLEPROTOBUF-2331703
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.7
SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.5
SNYK-JAVA-COMJAMESMURTYUTILS-3325621
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 3.7
SNYK-JAVA-COMMONSCODEC-561518
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.4
SNYK-JAVA-COMMONSHTTPCLIENT-30083
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 4.3
SNYK-JAVA-COMMONSHTTPCLIENT-31660
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Mature exploit, Has a fix available, CVSS 5.3
SNYK-JAVA-COMMONSIO-1277109
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 6.5
SNYK-JAVA-IONETTY-473214
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 6.5
SNYK-JAVA-IONETTY-473694
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JAVA-IONETTY-559515
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
SNYK-JAVA-IONETTY-559516
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 3.7
SNYK-JAVA-LOG4J-1300176
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 6.6
SNYK-JAVA-LOG4J-2316893
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 8.1
SNYK-JAVA-LOG4J-2342645
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 8.1
SNYK-JAVA-LOG4J-2342646
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 8.1
SNYK-JAVA-LOG4J-2342647
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-LOG4J-3358774
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 9.8
SNYK-JAVA-LOG4J-572732
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 6.5
SNYK-JAVA-ORGAPACHEDIRECTORYSERVER-1063040
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 6.5
SNYK-JAVA-ORGAPACHEHADOOP-2329722
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-1048058
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-31517
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGBOUNCYCASTLE-1035561
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGBOUNCYCASTLE-1296075
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 3.7
SNYK-JAVA-ORGBOUNCYCASTLE-173771
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 4.8
SNYK-JAVA-ORGBOUNCYCASTLE-2841508
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGBOUNCYCASTLE-32340
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGBOUNCYCASTLE-32361
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGBOUNCYCASTLE-32362
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-ORGBOUNCYCASTLE-32363
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGBOUNCYCASTLE-32364
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 3.7
SNYK-JAVA-ORGBOUNCYCASTLE-32365
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.4
SNYK-JAVA-ORGBOUNCYCASTLE-32366
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-ORGBOUNCYCASTLE-32367
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.4
SNYK-JAVA-ORGBOUNCYCASTLE-32368
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 4.7
SNYK-JAVA-ORGBOUNCYCASTLE-5771339
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 5.9
SNYK-JAVA-ORGCODEHAUSJACKSON-3038425
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Proof of Concept exploit, Has a fix available, CVSS 5.9
SNYK-JAVA-ORGCODEHAUSJACKSON-3038427
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 9.8
SNYK-JAVA-ORGCODEHAUSJACKSON-3326362
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGCODEHAUSJACKSON-534878
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-XERCES-2359991
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 6.5
SNYK-JAVA-XERCES-30183
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Mature exploit, Has a fix available, CVSS 5.3
SNYK-JAVA-XERCES-31497
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-XERCES-31585
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-XERCES-32014
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-XERCES-5920442
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-XERCES-608891
com.cloudera.oryx:oryx-api:
2.7.0-SNAPSHOT -> 2.8.0
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Creation of Temporary File in Directory with Insecure Permissions
🦉 Denial of Service (DoS)
🦉 XML External Entity (XXE) Injection
🦉 More lessons are available in Snyk Learn