Dependency Vulnerability IDs Package Highest Severity CVE Count Confidence Evidence Count

hibernate$-$validator$-6\mathrm{.}0\mathrm{.}18.$Final.jar cpe:$2\mathrm{.}3$:a:redhat:hibernate$\_$validator:$6\mathrm{.}0\mathrm{.}18$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$hibernate.validator$/$hibernate$-$validator@$6\mathrm{.}0\mathrm{.}18.$Final MEDIUM $1$ Highest $32$

jackson$-$databind$-2\mathrm{.}10\mathrm{.}2.$jar cpe:$2\mathrm{.}3$:a:fasterxml:jackson$-$databind:$2\mathrm{.}10\mathrm{.}2$:$*$:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:fasterxml:jackson$-$modules$-$java$8$:$2\mathrm{.}10\mathrm{.}2$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$com$.$fasterxml.jackson.core$/$jackson$-$databind@$2\mathrm{.}10\mathrm{.}2$ HIGH $6$ Highest $39$

log$4$j$-$api$-2\mathrm{.}12\mathrm{.}1.$jar cpe:$2\mathrm{.}3$:a:apache:log$4$j:$2\mathrm{.}12\mathrm{.}1$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$apache.logging$.$log$4$j$/$log$4$j$-$api@$2\mathrm{.}12\mathrm{.}1$ LOW $1$ Highest $42$

logback$-$core$-1\mathrm{.}2\mathrm{.}3.$jar cpe:$2\mathrm{.}3$:a:qos:logback:$1\mathrm{.}2\mathrm{.}3$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$ch$.$qos.logback$/$logback$-$core@$1\mathrm{.}2\mathrm{.}3$ HIGH $2$ Highest $31$

mongo$-$java$-$driver$-2\mathrm{.}4.$jar cpe:$2\mathrm{.}3$:a:mongodb:java$\_$driver:$2\mathrm{.}4$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$mongodb$/$mongo$-$java$-$driver@$2\mathrm{.}4$ MEDIUM $1$ Highest $20$

snakeyaml$-1\mathrm{.}25.$jar cpe:$2\mathrm{.}3$:a:snakeyaml$\_$project:snakeyaml:$1\mathrm{.}25$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$yaml$/$snakeyaml@$1\mathrm{.}25$ CRITICAL $8$ Highest $44$

spring$-$boot$-2\mathrm{.}2\mathrm{.}4.$RELEASE.jar cpe:$2\mathrm{.}3$:a:vmware:spring$\_$boot:$2\mathrm{.}2\mathrm{.}4$:release:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$springframework.boot$/$spring$-$boot@$2\mathrm{.}2\mathrm{.}4.$RELEASE CRITICAL $3$ Highest $39$

spring$-$boot$-$starter$-$web$-2\mathrm{.}2\mathrm{.}4.$RELEASE.jar cpe:$2\mathrm{.}3$:a:vmware:spring$\_$boot:$2\mathrm{.}2\mathrm{.}4$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:web$\_$project:web:$2\mathrm{.}2\mathrm{.}4$:release:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$springframework.boot$/$spring$-$boot$-$starter$-$web@$2\mathrm{.}2\mathrm{.}4.$RELEASE CRITICAL $3$ Highest $35$

spring$-$core$-5\mathrm{.}2\mathrm{.}3.$RELEASE.jar cpe:$2\mathrm{.}3$:a:pivotal$\_$software:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:springsource:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:vmware:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$springframework$/$spring$-$core@$5\mathrm{.}2\mathrm{.}3.$RELEASE CRITICAL$*11$ Highest $36$

spring$-$web$-5\mathrm{.}2\mathrm{.}3.$RELEASE.jar cpe:$2\mathrm{.}3$:a:pivotal$\_$software:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:springsource:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:vmware:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:web$\_$project:web:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$springframework$/$spring$-$web@$5\mathrm{.}2\mathrm{.}3.$RELEASE CRITICAL$*12$ Highest $34$

spring$-$webmvc$-5\mathrm{.}2\mathrm{.}3.$RELEASE.jar cpe:$2\mathrm{.}3$:a:pivotal$\_$software:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:springsource:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:vmware:spring$\_$framework:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:web$\_$project:web:$5\mathrm{.}2\mathrm{.}3$:release:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$springframework$/$spring$-$webmvc@$5\mathrm{.}2\mathrm{.}3.$RELEASE CRITICAL$*11$ Highest $36$

tomcat$-$embed$-$core$-9\mathrm{.}0\mathrm{.}30.$jar cpe:$2\mathrm{.}3$:a:apache:tomcat:$9\mathrm{.}0\mathrm{.}30$:$*$:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:apache$\_$tomcat:apache$\_$tomcat:$9\mathrm{.}0\mathrm{.}30$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$apache.tomcat.embed$/$tomcat$-$embed$-$core@$9\mathrm{.}0\mathrm{.}30$ CRITICAL$*25$ Highest $30$

tomcat$-$embed$-$websocket$-9\mathrm{.}0\mathrm{.}30.$jar cpe:$2\mathrm{.}3$:a:apache:tomcat:$9\mathrm{.}0\mathrm{.}30$:$*$:$*$:$*$:$*$:$*$:$*$:$*$

cpe:$2\mathrm{.}3$:a:apache$\_$tomcat:apache$\_$tomcat:$9\mathrm{.}0\mathrm{.}30$:$*$:$*$:$*$:$*$:$*$:$*$:$*$ pkg:maven$/$org$.$apache.tomcat.embed$/$tomcat$-$embed$-$websocket@$9\mathrm{.}0\mathrm{.}30$ CRITICAL$*26$ Highest $30$