[Snyk] Fix for 7 vulnerabilities by snyk-bot · Pull Request #4 · sbroddy/Grouper-ActiveMQ-Provisioner

snyk-bot · 2021-06-17T10:31:47Z

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- grouperDispatcher/pom.xml

Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity
399/1000 Why? Has a fix available, CVSS 3.7	Information Exposure SNYK-JAVA-COMMONSCODEC-561518	`commons-codec:commons-codec:` `1.8 -> 1.13`	No	No Known Exploit
579/1000 Why? Has a fix available, CVSS 7.3	Improper Authentication SNYK-JAVA-ORGAPACHEACTIVEMQ-30476	`org.apache.activemq:activemq-all:` `5.9.0 -> 5.15.6`	No	No Known Exploit
479/1000 Why? Has a fix available, CVSS 5.3	Credentials Exposure SNYK-JAVA-ORGAPACHEACTIVEMQ-30477	`org.apache.activemq:activemq-all:` `5.9.0 -> 5.15.6`	No	No Known Exploit
876/1000 Why? Mature exploit, Has a fix available, CVSS 9.8	Arbitrary Code Execution SNYK-JAVA-ORGAPACHEACTIVEMQ-467288	`org.apache.activemq:activemq-all:` `5.9.0 -> 5.15.6`	No	Mature
584/1000 Why? Has a fix available, CVSS 7.4	Man-in-the-Middle (MitM) SNYK-JAVA-ORGAPACHEACTIVEMQ-467290	`org.apache.activemq:activemq-all:` `5.9.0 -> 5.15.6`	No	No Known Exploit
479/1000 Why? Has a fix available, CVSS 5.3	Denial of Service (DoS) SNYK-JAVA-ORGAPACHEACTIVEMQ-467291	`org.apache.activemq:activemq-all:` `5.9.0 -> 5.15.6`	No	No Known Exploit
589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JAVA-ORGAPACHEACTIVEMQ-467292	`org.apache.activemq:activemq-all:` `5.9.0 -> 5.15.6`	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

Provide feedback