[Snyk] Upgrade org.apache.tomcat:tomcat-catalina from 7.0.27 to 7.0.109 by devopsadmin12 · Pull Request #4 · devopsadmin12/WebGoat-Jira

devopsadmin12 · 2023-02-23T04:22:23Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade org.apache.tomcat:tomcat-catalina from 7.0.27 to 7.0.109.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 58 versions ahead of your current version.
The recommended version was released 2 years ago, on 2021-04-22.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Remote Code Execution (RCE) SNYK-JAVA-ORGAPACHETOMCAT-1080636	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Remote Code Execution SNYK-JAVA-ORGAPACHETOMCAT-174342	500/1000 Why? Has a fix available, CVSS 7	Mature
Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCAT-30065	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-30950	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCAT-451507	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary Code Execution SNYK-JAVA-ORGAPACHETOMCAT-451514	500/1000 Why? Has a fix available, CVSS 7	Mature
Information Exposure SNYK-JAVA-ORGAPACHETOMCAT-451523	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCAT-451530	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary File Upload SNYK-JAVA-ORGAPACHETOMCAT-451607	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary File Upload SNYK-JAVA-ORGAPACHETOMCAT-551994	500/1000 Why? Has a fix available, CVSS 7	Mature
Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCAT-30911	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGAPACHETOMCAT-30913	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary Code Execution SNYK-JAVA-ORGAPACHETOMCAT-451516	500/1000 Why? Has a fix available, CVSS 7	Mature
Information Exposure SNYK-JAVA-ORGAPACHETOMCAT-451522	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-460342	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary Code Execution SNYK-JAVA-ORGAPACHETOMCAT-460343	500/1000 Why? Has a fix available, CVSS 7	Mature
Remote Code Execution (RCE) SNYK-JAVA-ORGAPACHETOMCAT-570036	500/1000 Why? Has a fix available, CVSS 7	Mature
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-30915	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-30918	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-31531	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Disclosure SNYK-JAVA-ORGAPACHETOMCAT-1060050	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Improper Authentication SNYK-JAVA-ORGAPACHETOMCAT-30905	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Improper Authentication SNYK-JAVA-ORGAPACHETOMCAT-30906	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGAPACHETOMCAT-30908	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Improper Input Validation SNYK-JAVA-ORGAPACHETOMCAT-1316666	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-30901	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Cross-site Request Forgery (CSRF) SNYK-JAVA-ORGAPACHETOMCAT-30902	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-30903	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Improper Authentication SNYK-JAVA-ORGAPACHETOMCAT-30904	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Directory Traversal SNYK-JAVA-ORGAPACHETOMCAT-30948	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Directory Traversal SNYK-JAVA-ORGAPACHETOMCAT-30949	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-30909	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary File Read SNYK-JAVA-ORGAPACHETOMCAT-30910	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Directory Traversal SNYK-JAVA-ORGAPACHETOMCAT-30912	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGAPACHETOMCAT-30914	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Open Redirect SNYK-JAVA-ORGAPACHETOMCAT-459632	500/1000 Why? Has a fix available, CVSS 7	Mature
Cache Poisoning SNYK-JAVA-ORGAPACHETOMCAT-460344	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
HTTP Request Smuggling SNYK-JAVA-ORGAPACHETOMCAT-30946	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary File Read SNYK-JAVA-ORGAPACHETOMCAT-30947	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Timing Attack SNYK-JAVA-ORGAPACHETOMCAT-30916	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-30917	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Directory Traversal SNYK-JAVA-ORGAPACHETOMCAT-32110	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCAT-32115	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGAPACHETOMCAT-30907	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Cross-site Scripting (XSS) SNYK-JAVA-ORGAPACHETOMCAT-174805	500/1000 Why? Has a fix available, CVSS 7	Mature
Session Fixation SNYK-JAVA-ORGAPACHETOMCAT-538469	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGAPACHETOMCAT-31421	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Insecure Defaults SNYK-JAVA-ORGAPACHETOMCAT-32281	500/1000 Why? Has a fix available, CVSS 7	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade org.apache.tomcat:tomcat-catalina from 7.0.27 to 7.0.109. See this package in Maven Repository: https://mvnrepository.com/artifact/org.apache.tomcat/tomcat-catalina/ See this project in Snyk: https://app.snyk.io/org/devopsadmin12/project/a7c838cf-a77c-49e9-bad7-7dc966da8c07?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade org.apache.tomcat:tomcat-catalina from 7.0.27 to 7.0.109#4

[Snyk] Upgrade org.apache.tomcat:tomcat-catalina from 7.0.27 to 7.0.109#4
devopsadmin12 wants to merge 1 commit intomasterfrom
snyk-upgrade-307d232dc4d146db44f550baacbe810e

devopsadmin12 commented Feb 23, 2023

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

devopsadmin12 commented Feb 23, 2023

Snyk has created this PR to upgrade org.apache.tomcat:tomcat-catalina from 7.0.27 to 7.0.109.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants