[Backport 2.13] [Backport 2.x] Added input validation, and fixed bug for cross cluster monitors. (#1510) #1516
Security Report
❌ New vulnerabilities:
| CVE | Severity |  CVSS Score |
Vulnerable Library | Suggested Fix | Issue |
|---|---|---|---|---|---|
CVE-2021-28170Path to dependency file: /core/build.gradle Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.glassfish/javax.el/3.0.0/dd532526e7c8de48e40419e6af1183658a973379/javax.el-3.0.0.jar,/home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.glassfish/javax.el/3.0.0/dd532526e7c8de48e40419e6af1183658a973379/javax.el-3.0.0.jar Dependency Hierarchy: -> alerting-core-2.13.0.0-SNAPSHOT (Root Library) -> cron-utils-9.1.6.jar -> ❌ javax.el-3.0.0.jar (Vulnerable Library) |
 Medium |
5.3 | javax.el-3.0.0.jar | Upgrade to version: org.glassfish:jakarta.el:3.0.4, com.sun.el:el-ri:3.0.4 | None |
Base branch total remaining vulnerabilities: 1
Base branch commit: 71d03648b8d39f15f64922cb3b3ff9e18d16ed35
Total libraries scanned: 165
Scan token: 6560c31c45ce4a3aa82004943a2fab34