GitHub Actions / Qodana for JVM
completed
Apr 29, 2024 in 0s
1 new problem found by Qodana for JVM
Qodana for JVM
1 new problem was found
Inspection name | Severity | Problems |
---|---|---|
Vulnerable declared dependency | 🔴 Failure | 1 |
View the detailed Qodana report
To be able to view the detailed Qodana report, you can either:
- Register at Qodana Cloud and configure the action
- Use GitHub Code Scanning with Qodana
- Host Qodana report at GitHub Pages
- Inspect and use `qodana.sarif.json` (see the Qodana SARIF format for details)
To get `*.log` files or any other Qodana artifacts, run the action with the `upload-result` option set to `true`, so that the action will upload the files as the job artifacts:

```yaml
- name: 'Qodana Scan'
  uses: JetBrains/qodana-action@v2024.1.2
  with:
    upload-result: true
```
Contact Qodana team
Contact us at qodana-support@jetbrains.com
- Or via our issue tracker: https://jb.gg/qodana-issue
- Or share your feedback: https://jb.gg/qodana-discussions
Details
This result was published with Qodana GitHub Action
Annotations
Check failure on line 67 in maven_plugin/pom.xml
github-actions / Qodana for JVM
Vulnerable declared dependency
Provides transitive vulnerable dependency maven:org.codehaus.plexus:plexus-archiver:2.2
* [CVE-2018-1002200](https://devhub.checkmarx.com/cve-details/CVE-2018-1002200?utm_source=jetbrains&utm_medium=referral) 5.5 Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") vulnerability with Medium severity found
* [CVE-2023-37460](https://devhub.checkmarx.com/cve-details/CVE-2023-37460?utm_source=jetbrains&utm_medium=referral) 9.8 UNIX Symbolic Link (Symlink) Following vulnerability with High severity found
Results powered by [Checkmarx](https://checkmarx.com)(c)