org.jenkins-ci.main:jenkins-parent@2.170-SNAPSHOT: EPL-1.0 license_test
Created by: armorcodegithubapp[bot]
Component Details
- Exploit Maturity: null
- Vulnerable Package: org.eclipse.sisu:org.eclipse.sisu.inject
- Current Version: 0.3.3
- Vulnerable Version(s): >[0,)
- Vulnerable Path: >org.jenkins-ci.main:jenkins-parent@2.170-SNAPSHOT,org.jenkins-ci.main:jenkins-test@2.170-SNAPSHOT,org.jenkins-ci.main:maven-plugin@2.14,org.eclipse.sisu:org.eclipse.sisu.plexus@0.3.3,org.eclipse.sisu:org.eclipse.sisu.inject@0.3.3>
EPL-1.0 license
- Vulnerable Version(s): >[0,)
- Vulnerable Path: >org.jenkins-ci.main:jenkins-parent@2.170-SNAPSHOT,org.jenkins-ci.main:jenkins-test-parent@2.170-SNAPSHOT,org.jenkins-ci.main:maven-plugin@2.14,org.eclipse.sisu:org.eclipse.sisu.plexus@0.3.3,org.eclipse.sisu:org.eclipse.sisu.inject@0.3.3>
EPL-1.0 license
File Path: jenkins-parent > org.jenkins-ci.main:0
Mitigation: ## Remediation
Upgrade org.springframework:spring-webmvc
to version 4.3.15, 5.0.5 or higher.
https://app.armorcode.com/#/findings/62057682
Knowledge Base: Man in the Middle (MITM) Attack:https://app.armorcode.com/#/knowledgeBase/45