Description

One or more packages that are used in your web application are affected by known vulnerabilities. Please consult the details section for more information about each affected package.

Remediation

It's recommended to update the vulnerable packages to the latest version (if a fix exists). If a fix does not exist, you may want to suggest changes that address the vulnerability to the package maintainer or remove the package from your dependency tree.

References

Software composition analysis (SCA)

Related Vulnerabilities

Atlassian Confluence Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-18084)

Oracle JRE CVE-2013-2473 Vulnerability (CVE-2013-2473)

Envoy Proxy Uncontrolled Recursion Vulnerability (CVE-2022-23606)

WebLogic Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2020-7226)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)

Severity

Low

Classification

CWE-1104

Tags

Missing Update Known Vulnerabilities