chore(deps): update all non-major dependencies #162

renovate · 2024-03-01T02:14:53Z

This PR contains the following updates:

Package	Update	Change
akhq (source)	minor	`0.24.0` -> `0.25.1`
confluent-kafka	minor	`==2.3.0` -> `==2.6.1`
docker.io/bitnami/kafka (source)	minor	`3.6.1` -> `3.9.0`
docker.io/library/postgres	minor	`16.2` -> `16.6`
docker.io/library/postgres	minor	`15.6` -> `15.10`
docker.io/obiba/opal	minor	`4.6` -> `4.7`
docker.io/tchiotludo/akhq	minor	`0.24.0` -> `0.25.1`
fhir-gateway (source)	minor	`6.2.0` -> `6.3.64`
ghcr.io/bzkf/obds-to-fhir	patch	`v2.2.0` -> `v2.2.3`
ghcr.io/miracum/fhir-gateway	minor	`v3.12.8` -> `v3.14.2`
ghcr.io/miracum/fhir-pseudonymizer	minor	`v2.21.6` -> `v2.22.2`
ghcr.io/miracum/kafka-fhir-to-server	minor	`v2.0.6` -> `v2.2.1`
ghcr.io/miracum/obds-to-fhir	minor	`v2.0.15` -> `v2.1.0`
ghcr.io/miracum/util-images/cricketeerone-kafka-connect	patch	`v1.6.0` -> `v1.6.2`
hapi-fhir-jpaserver	minor	`0.15.0` -> `0.17.1`
ipython	minor	`==8.26.0` -> `==8.30.0`
matplotlib	minor	`==3.9.1` -> `==3.10.0`
pandas (source)	patch	`==2.2.0` -> `==2.2.3`
pydantic (changelog)	patch	`==1.10.14` -> `==1.10.19`
regex	minor	`==2024.5.15` -> `==2024.11.6`
stream-processors	minor	`1.6.0` -> `1.7.31`
strimzi-kafka-operator (source)	minor	`0.39.0` -> `0.44.0`
syrupy	minor	`==4.6.1` -> `==4.8.0`

Release Notes

tchiotludo/akhq (akhq)

`v0.25.1`

Compare Source

Features

helm: add revisionHistoryLimit params (#1788) #1788 (Serhii Plesovskykh)
docs: explanation of ssl usage (#1797) #1797 (Jonas Voelcker)
ui: support other naming strategies in schema dropdowns on topic produce (#1804) #1804 (Alexis SOUQUIERE)
ui: hmr in docker-compose-dev (#1818) #1818 (Shane Kennedy)
topic: give the true first offset on compacted topics (#1817) #1817 (Alexis SOUQUIERE)
helm: add annotations to configmaps (#1826) #1826 (kostik2022)
schema: fallback in case of subject matching the schema id but not the TopicNameStrategy (#1820) #1820 (Alexis SOUQUIERE)

Bug Fixes

ui: check for correct role defined before before calling into it (#1785) #1785 (Sverre H. Huseby)
auth: endpoint topic/{topicName}/groups incorrect acl resource type (#1796) #1796 (doxsch)
docs: make links clickable on AWS Auth page (#1799) #1799 (Antoine Gauthier)
ui: broken error handling for all api requests (#1809) #1809 (Shane Kennedy)
ui: undefined navigate on TopicGroups.jsx (#1808) #1808 (Alexis SOUQUIERE)
topicdata: improving search and listing due to higher timeout and max.poll.records (#1843) #1843 (Jonas Voelcker)
ui: calculating recordCount without undefined (#1838) #1838 (Jonas Voelcker)
ui: loading all topics to produce to topic UI (#1825) #1825 (jacek-bukowski)
ui: individual message selection for export (#1812) #1812 (Antoine Gauthier)
auth: add the default group during the SecurityRule check (#1816) #1816 (Alexis SOUQUIERE)
ui: connect clusters list overflow (#1841) #1841 (Alexis SOUQUIERE)

Chores

deps: bump com.google.code.gson:gson from 2.10.1 to 2.11.0 #1781 (dependabot[bot])
deps: bump software.amazon.glue:schema-registry-serde #1794 (dependabot[bot])
deps: bump io.micronaut.application from 4.3.8 to 4.4.0 #1782 (dependabot[bot])
deps: bump io.projectreactor:reactor-core from 3.6.5 to 3.6.6 #1780 (dependabot[bot])
deps: bump com.google.guava:guava from 33.1.0-jre to 33.2.1-jre #1798 (dependabot[bot])
deps: upgrading non conflicting versions (#1800) #1800 (Jonas Voelcker)
deps: using new version of curator-test (#1803) #1803 (Jonas Voelcker)
fix editorconfig (#1819) #1819 (Shane Kennedy)
deps: bump docker/build-push-action from 5 to 6 #1829 (dependabot[bot])
deps: bump io.jsonwebtoken:jjwt-impl from 0.12.5 to 0.12.6 #1844 (dependabot[bot])
deps: bump com.google.protobuf:protobuf-java-util #1822 (dependabot[bot])
deps: bump io.projectreactor:reactor-core from 3.6.6 to 3.6.7 #1830 (dependabot[bot])
deps: bump braces from 3.0.2 to 3.0.3 in /docs #1827 (dependabot[bot])
deps: bump org.apache.curator:curator-test from 5.6.0 to 5.7.0 #1832 (dependabot[bot])
deps: bump software.amazon.msk:aws-msk-iam-auth #1833 (dependabot[bot])
deps-dev: bump ws from 8.16.0 to 8.17.1 in /client #1839 (dependabot[bot])
version: update to v0.25.1 (Ludovic DEHON)

Commits

40b4bed: * feat(auth): add ability to send an authentication header to external service (#1759) (Cenk Kılıç) #1759

`v0.25.0`

Compare Source

⚠️ This release bring breaking changes since the whole ACL system was rewritten to support multiple clusters RBAC ⚠️

Features

acls: introduce new ACL rewrite (#1472) #1472 (Alexis SOUQUIERE)
topicdata: list topics even if a broker is unable to serve log information (#1502) (Kevin Duss)
core: allow to configure (de)serialiser on consumers/producers (#1432) (Guillaume Dufrêne)
schema: improve schema loading on produce screen (#1467) (Alexis SOUQUIERE)
webserver: html-head don't work any more (#1489) (jheinitz)
topicdata: search for key/value schema subject (#1430) #1430 (Markus)
helm: added ingress pathType (#1564) #1564 (Moritz Rathberger)
docs: update groups.md with warning about recent group changes. (#1582) #1582 (Kajetan Krykwiński)
docs: adding content-type warning on external claim provider response (#1599) #1599 (Alexis SOUQUIERE)
auth: customizable github SSO url (#1606) (#1613) #1613 (dred22)
topic: increase topic partition (#1601) #1601 (neeraj-singh47)
topic: allow to delete topic config (#1602) #1602 (Timon Back)
ui: fix and improve error management (#1620) #1620 (Alexis SOUQUIERE)
topicdata: adding end timestamp filter (#1629) #1629 (Alexis SOUQUIERE)
auth: adding JWT payload compression (#1630) #1630 (Alexis SOUQUIERE)
topicdata: adding download all messages feature (#1628) #1628 (Alexis SOUQUIERE)
schema: add support for GLUE schema registry (only deserialization) (#1650) #1650 (arindampatra33)
schema: enhance support for Glue Schema Registry (#1673) #1673 (arindampatra33)
ui: upgrade to React 18 (#1678) #1678 (Alexis SOUQUIERE)
auth: adding READ_CONFIG in default reader role (#1694) #1694 (Alexis SOUQUIERE)
topicdata: adding Jackson view on Record to limit field in download (#1692) #1692 (Alexis SOUQUIERE)
acls: audit logs (#1675) #1675 (Emmanuel)
acls: use no op security service when security is off #1705 (#1706) #1706 (Emmanuel)
cicd: add dependabot automatic check (Ludovic DEHON)
ui: handle env file for dev (Ludovic DEHON)
helm: add LoadBalancerIP (Ludovic DEHON)
docs: remove upstash sponsor (Ludovic DEHON)
auth: add default value for github api and update doc (#1779) #1779 (Alexis SOUQUIERE)
docs: describe how to enable json logging (#1772) #1772 (theBNT)

Bug Fixes

topicdata: search can failed data pagination with many results (#1468) #1468 (Alexis SOUQUIERE)
topicdata: no topic data when 1 record with newest sort (#1466) #1466 (Alexis SOUQUIERE)
connect: sort throw exception (#1431) #1431 (Albert)
webservre: add missing / to search string in replace (#1477) #1477 (jheinitz)
docs: invalid helm link (Ludovic DEHON)
schema: invalid signature on schema controller (Ludovic DEHON)
ui: delete message don't work anymore (Ludovic DEHON)
ui: live tail should pretty print json (Ludovic DEHON)
ui: header failed to display on live tail (Ludovic DEHON)
ui: search box on topic data (#1522) #1522 (Alexis SOUQUIERE)
acls: inconsistency between READ and READ_CONFIG actions for NODE resource (#1521) #1521 (Alexis SOUQUIERE)
ui: inconsistency in default selected cluster (#1523) #1523 (Alexis SOUQUIERE)
ui: regression on search filters when changing sort (#1525) #1525 (Alexis SOUQUIERE)
ui: cancel previous request on search schema (#1542) #1542 (Alexis SOUQUIERE)
ui: redirect on login page when token expires (#1539) #1539 (Alexis SOUQUIERE)
core: fix permissions issues (#1533) #1533 (Alexis SOUQUIERE)
topicdata: fix and enhance search (#1538) #1538 (Alexis SOUQUIERE)
cicd: fix falling doc build (Ludovic DEHON)
auth: handling logged-in user with no roles (#1589) #1589 (Alexis SOUQUIERE)
schema: only load schema when user has rights on produce screen (#1600) #1600 (Alexis SOUQUIERE)
topicdata: BufferUnderflowException on header deserialization (#1588) #1588 (Alexis SOUQUIERE)
auth: check only cluster permissions on search for acl and schema (#1605) #1605 (Alexis SOUQUIERE)
topicdata: fix copy infinite loop when record added during copy (#1612) #1612 (val)
ui: Sorting messages in a topic no longer reset applied filters (#1627) #1627 (DPICART)
topicdata: fix NPE for tombstone values in contains search (#1634) #1634 (Paolo Haider)
webserver: fix body serialization error for config updates (#1646) #1646 (Alexis SOUQUIERE)
webserver: fixing blocking call after Micronaut migration (#1647) #1647 (Alexis SOUQUIERE)
auth: removed explicit context-path in redirect urls and intercept url maps (#1652) #1652 (Stephan Linkel)
topicdata: Hide 'Empty Topic' button when user doesn't have DELETE permission (#1653) #1653 (Piotr Przybylski)
helm: can not specify NodePort for http port 80 (#1648) #1648 (Jakob Maležič)
auth: handling NPE on login (#1655) #1655 (Alexis SOUQUIERE)
schema: fix subject redirection from message on large registry (#1654) #1654 (Alexis SOUQUIERE)
schema: adding JsonIgnore on awsGlueKafkaDeserializer (#1663) #1663 (Alexis SOUQUIERE)
topicdata: topic must be included for tail (#1672) #1672 (arindampatra33)
webserver: remove regresion on index.html (Ludovic DEHON)
site: docker-compose deprecated (#1686) #1686 (Nard Théo)
topicdata: increasing Max-Poll-Records to required page size as it fixes sorting by newest (#1691) #1691 (Jonas Voelcker)
build: fix startTestKafkaCluster task (#1695) #1695 (Shane Kennedy)
docs: removed docs dependency onto client-folder (#1697) #1697 (Jonas Voelcker)
topicdata: missing noargs for headers (Ludovic DEHON)
build: invalid .editorconfig (Ludovic DEHON)
cicd: missing distributions dir (Ludovic DEHON)
ui: removing loading animation on ongoing search (#1710) #1710 (Jonas Voelcker)
helm: changed kafkaSecrets default value change with examples (#1712) #1712 (David Vrtěl)
ui: adding loading animation on topic data search (#1713) #1713 (Alexis SOUQUIERE)
ui: using hook instead of props (#1708) #1708 (Jonas Voelcker)
cicd: tag master docker releases with "latest" (#1711) #1711 (Shane Kennedy)
ui: display blank data instead of null (#1714) #1714 (Akshaykumar Chaudhary)
schema: fix glue schema registry caching issue (#1750) #1750 (arindampatra33)
ui: extract after from lastResult as nextPage (#1752) (#1754) #1754 (Jonas Voelcker)
ui: fix compact,delete topic creation #1755 (#1756) #1756 (Emmanuel)
ui: changed lastResult from array to actual element (#1757) #1757 (Jonas Voelcker)
ui: missing default right on consumer group (Ludovic DEHON)
server: better startup and logs (Ludovic DEHON)

Documentation

readme: add Archer Aviation in the Who's using AKHQ (#1503) #1503 (Hongbo Miao)
add configuration path configuration (#1566) #1566 (Y. Luis)

Chores

schema: typos #1465 (Boris Momčilović)
build: add idea-ext on build.gradle (#1446) #1446 (Markus)
docker: add unless-stopped (#1445) #1445 (Markus)
readme: add infosupport sponsors (Ludovic DEHON)
docs: fix copyright (Ludovic DEHON)
deps: update most of java deps (Ludovic DEHON)
deps: update to kafka 3.5.1 and confluent 3.4.1 (#1554) #1554 (Julien Jean Paul Sirocchi)
docs: add application configuration for dev (#1591) #1591 (bhargav joshi)
docs: add manomano (#1618) #1618 (dida ratsimba)
deps: upgrade Micronaut to 4.2 version (#1615) #1615 (screpel)
deps: update gradle (Ludovic DEHON)
deps: update all docs packages (Ludovic DEHON)
deps: update most java packages (#1661) #1661 (Ludovic DEHON)
site: added maif as sponsor (Ludovic DEHON)
site: add some company using (Ludovic DEHON)
deps: update sioan.frontend-jdk to java 17 (#1701) #1701 (Shane Kennedy)
deps: bump follow-redirects from 1.15.5 to 1.15.6 in /docs #1698 (dependabot[bot])
deps: bump vite from 5.0.12 to 5.0.13 in /docs #1699 (dependabot[bot])
deps-dev: bump vite from 5.2.2 to 5.2.6 in /client #1700 (dependabot[bot])
deps: update all github actions deps (Ludovic DEHON)
deps: update most java deps (Ludovic DEHON)
deps: update most javascript deps (Ludovic DEHON)
docs: added Michelin Company (#1751) #1751 (Akshaykumar Chaudhary)
deps: bump commons-codec:commons-codec from 1.16.1 to 1.17.0 #1763 (dependabot[bot])
deps: bump org.gradle.test-retry from 1.5.8 to 1.5.9 #1762 (dependabot[bot])
deps: bump io.micronaut.application from 4.3.6 to 4.3.8 #1760 (dependabot[bot])
deps: bump com.gorylenko.gradle-git-properties #1761 (dependabot[bot])
docs: added CEVA as users (#1773) [#1773](http

Configuration

📅 Schedule: Branch creation - "* 0-3 1 * *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-03-01T02:19:16Z

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Errors	Elapsed time
✅ ACTION	actionlint	6	0	0.11s
✅ BASH	bash-exec	2	0	0.02s
✅ BASH	shellcheck	2	0	0.19s
✅ BASH	shfmt	2	0	0.01s
✅ DOCKERFILE	hadolint	2	0	0.17s
✅ EDITORCONFIG	editorconfig-checker	89	0	0.5s
✅ ENV	dotenv-linter	1	0	0.01s
✅ JSON	jsonlint	3	0	0.27s
✅ JSON	prettier	3	0	0.64s
✅ JSON	v8r	3	0	4.0s
⚠️ MARKDOWN	markdownlint	8	89	1.32s
⚠️ MARKDOWN	markdown-table-formatter	8	1	0.5s
✅ PYTHON	bandit	7	0	1.72s
✅ PYTHON	black	7	0	2.05s
✅ PYTHON	flake8	7	0	0.99s
✅ PYTHON	isort	7	0	0.41s
✅ PYTHON	mypy	7	0	3.37s
✅ PYTHON	pyright	7	0	7.53s
✅ PYTHON	ruff	7	0	0.02s
✅ REPOSITORY	checkov	yes	no	25.21s
✅ REPOSITORY	dustilock	yes	no	3.03s
✅ REPOSITORY	gitleaks	yes	no	2.53s
✅ REPOSITORY	git_diff	yes	no	0.03s
✅ REPOSITORY	grype	yes	no	14.87s
✅ REPOSITORY	kics	yes	no	47.02s
✅ REPOSITORY	secretlint	yes	no	1.17s
✅ REPOSITORY	syft	yes	no	2.46s
✅ REPOSITORY	trivy	yes	no	12.6s
✅ REPOSITORY	trivy-sbom	yes	no	0.25s
✅ REPOSITORY	trufflehog	yes	no	5.52s
✅ XML	xmllint	3	0	0.01s
✅ YAML	prettier	28	0	1.34s
✅ YAML	v8r	28	0	48.8s
✅ YAML	yamllint	28	0	0.92s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

Click here to request the new flavor

MegaLinter is graciously provided by

github-actions · 2024-12-14T13:01:33Z

Trivy image scan report

`ghcr.io/bzkf/onco-analytics-on-fhir/decompose-xmls:pr-162 (debian 12.7)`

8 known vulnerabilities found (CRITICAL: 2 HIGH: 2 MEDIUM: 2 LOW: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`libexpat1`	CVE-2024-45491	CRITICAL	2.5.0-1	2.5.0-1+deb12u1
`libexpat1`	CVE-2024-45492	CRITICAL	2.5.0-1	2.5.0-1+deb12u1
`libexpat1`	CVE-2024-45490	HIGH	2.5.0-1	2.5.0-1+deb12u1
`libsqlite3-0`	CVE-2023-7104	HIGH	3.40.1-2	3.40.1-2+deb12u1
`libssl3`	CVE-2024-5535	MEDIUM	3.0.14-1~deb12u2	3.0.15-1~deb12u1
`libssl3`	CVE-2024-9143	LOW	3.0.14-1~deb12u2	3.0.15-1~deb12u1
`openssl`	CVE-2024-5535	MEDIUM	3.0.14-1~deb12u2	3.0.15-1~deb12u1
`openssl`	CVE-2024-9143	LOW	3.0.14-1~deb12u2	3.0.15-1~deb12u1

No Misconfigurations found

`Python`

No Vulnerabilities found

No Misconfigurations found

github-actions · 2024-12-14T13:03:42Z

Trivy image scan report

`ghcr.io/bzkf/onco-analytics-on-fhir/obds-fhir-to-opal:pr-162 (debian 12.5)`

53 known vulnerabilities found (CRITICAL: 4 HIGH: 21 MEDIUM: 24 LOW: 4)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`bsdutils`	CVE-2024-28085	HIGH	1:2.38.1-5+b1	2.38.1-5+deb12u1
`libblkid1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`libc-bin`	CVE-2024-2961	HIGH	2.36-9+deb12u4	2.36-9+deb12u6
`libc-bin`	CVE-2024-33599	HIGH	2.36-9+deb12u4	2.36-9+deb12u7
`libc-bin`	CVE-2024-33600	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc-bin`	CVE-2024-33601	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc-bin`	CVE-2024-33602	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-2961	HIGH	2.36-9+deb12u4	2.36-9+deb12u6
`libc6`	CVE-2024-33599	HIGH	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-33600	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-33601	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libc6`	CVE-2024-33602	MEDIUM	2.36-9+deb12u4	2.36-9+deb12u7
`libgnutls30`	CVE-2024-28834	MEDIUM	3.7.9-2+deb12u2	3.7.9-2+deb12u3
`libgnutls30`	CVE-2024-28835	MEDIUM	3.7.9-2+deb12u2	3.7.9-2+deb12u3
`libgssapi-krb5-2`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libgssapi-krb5-2`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libk5crypto3`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libk5crypto3`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5-3`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5-3`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5support0`	CVE-2024-37371	CRITICAL	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libkrb5support0`	CVE-2024-37370	HIGH	1.20.1-2+deb12u1	1.20.1-2+deb12u2
`libmount1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`libsmartcols1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`libsqlite3-0`	CVE-2023-7104	HIGH	3.40.1-2	3.40.1-2+deb12u1
`libssl3`	CVE-2023-5678	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2023-6129	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2023-6237	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2024-0727	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`libssl3`	CVE-2024-4603	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`libssl3`	CVE-2024-4741	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`libssl3`	CVE-2024-5535	MEDIUM	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`libssl3`	CVE-2024-6119	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u2
`libssl3`	CVE-2024-2511	LOW	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`libssl3`	CVE-2024-9143	LOW	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`libsystemd0`	CVE-2023-50387	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libsystemd0`	CVE-2023-50868	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libudev1`	CVE-2023-50387	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libudev1`	CVE-2023-50868	HIGH	252.22-1~deb12u1	252.23-1~deb12u1
`libuuid1`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`mount`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`openssl`	CVE-2023-5678	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2023-6129	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2023-6237	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2024-0727	MEDIUM	3.0.11-1~deb12u2	3.0.13-1~deb12u1
`openssl`	CVE-2024-4603	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`openssl`	CVE-2024-4741	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`openssl`	CVE-2024-5535	MEDIUM	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`openssl`	CVE-2024-6119	MEDIUM	3.0.11-1~deb12u2	3.0.14-1~deb12u2
`openssl`	CVE-2024-2511	LOW	3.0.11-1~deb12u2	3.0.14-1~deb12u1
`openssl`	CVE-2024-9143	LOW	3.0.11-1~deb12u2	3.0.15-1~deb12u1
`util-linux`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1
`util-linux-extra`	CVE-2024-28085	HIGH	2.38.1-5+b1	2.38.1-5+deb12u1

No Misconfigurations found

`Java`

292 known vulnerabilities found (CRITICAL: 22 HIGH: 151 MEDIUM: 98 LOW: 21)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.r4`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-45294	HIGH	5.6.971	6.3.23
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-51132	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ca.uhn.hapi.fhir:org.hl7.fhir.utilities`	CVE-2024-52007	HIGH	5.6.971	6.4.0
`ch.qos.logback:logback-classic`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`ch.qos.logback:logback-classic`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`ch.qos.logback:logback-core`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`ch.qos.logback:logback-core`	CVE-2023-6378	HIGH	1.2.11	1.3.12, 1.4.12, 1.2.13
`com.amazonaws:aws-java-sdk-s3`	CVE-2022-31159	HIGH	1.11.1026	1.12.261
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.11.4	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.11.4	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.11.4	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.11.4	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.13.0	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.13.0	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.13.0	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.13.0	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.13.0	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-46877	HIGH	2.13.0	2.12.6, 2.13.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.0	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.0	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.0	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.13.0	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.13.0	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.13.0	2.12.7.1, 2.13.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.13.4	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2017-17485	CRITICAL	2.6.7.4	2.9.4, 2.8.11, 2.7.9.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-11307	CRITICAL	2.6.7.4	2.7.9.4, 2.8.11.2, 2.9.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-14719	CRITICAL	2.6.7.4	2.9.7, 2.8.11.3, 2.7.9.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-7489	CRITICAL	2.6.7.4	2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2019-14379	CRITICAL	2.6.7.4	2.9.9.2, 2.8.11.4, 2.7.9.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2019-17267	CRITICAL	2.6.7.4	2.9.10, 2.8.11.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-9547	CRITICAL	2.6.7.4	2.9.10.4, 2.8.11.6, 2.7.9.7
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-9548	CRITICAL	2.6.7.4	2.9.10.4, 2.8.11.6, 2.7.9.7
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-12022	HIGH	2.6.7.4	2.7.9.4, 2.8.11.2, 2.9.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2018-5968	HIGH	2.6.7.4	2.8.11.1, 2.9.4, 2.7.9.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-10650	HIGH	2.6.7.4	2.9.10.4
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-24616	HIGH	2.6.7.4	2.9.10.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-24750	HIGH	2.6.7.4	2.6.7.5, 2.9.10.6
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-35490	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-35491	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-35728	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36179	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36180	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36181	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36182	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36183	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36184	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36185	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36186	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36187	HIGH	2.6.7.4	2.9.10.8
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36188	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36189	HIGH	2.6.7.4	2.9.10.8, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2020-36518	HIGH	2.6.7.4	2.13.2.1, 2.12.6.1
`com.fasterxml.jackson.core:jackson-databind`	CVE-2021-20190	HIGH	2.6.7.4	2.9.10.7, 2.6.7.5
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42003	HIGH	2.6.7.4	2.12.7.1, 2.13.4.2
`com.fasterxml.jackson.core:jackson-databind`	CVE-2022-42004	HIGH	2.6.7.4	2.12.7.1, 2.13.4
`com.fasterxml.woodstox:woodstox-core`	CVE-2022-40152	MEDIUM	5.3.0	6.4.0, 5.4.0
`com.fasterxml.woodstox:woodstox-core`	CVE-2022-40152	MEDIUM	5.3.0	6.4.0, 5.4.0
`com.fasterxml.woodstox:woodstox-core`	CVE-2022-40152	MEDIUM	5.3.0	6.4.0, 5.4.0
`com.google.code.gson:gson`	CVE-2022-25647	HIGH	2.2.4	2.8.9
`com.google.code.gson:gson`	CVE-2022-25647	HIGH	2.8.6	2.8.9
`com.google.guava:guava`	CVE-2018-10237	MEDIUM	14.0.1	24.1.1-android
`com.google.guava:guava`	CVE-2018-10237	MEDIUM	14.0.1	24.1.1-android
`com.google.guava:guava`	CVE-2018-10237	MEDIUM	14.0.1	24.1.1-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	14.0.1	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	30.1.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2023-2976	MEDIUM	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	31.0.1-jre	32.0.0-android
`com.google.guava:guava`	CVE-2020-8908	LOW	31.0.1-jre	32.0.0-android
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	2.5.0	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	2.5.0	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	2.5.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	2.5.0	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	2.5.0	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.3.0	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.3.0	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.3.0	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.3.0	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.3.0	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22569	HIGH	3.7.1	3.16.1, 3.18.2, 3.19.2
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.7.1	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.7.1	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2021-22570	HIGH	3.7.1	3.15.0
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3509	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2022-3510	HIGH	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2024-7254	HIGH	3.7.1	3.25.5, 4.27.5, 4.28.2
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.7.1	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.7.1	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.google.protobuf:protobuf-java`	CVE-2022-3171	MEDIUM	3.7.1	3.21.7, 3.20.3, 3.19.6, 3.16.3
`com.nimbusds:nimbus-jose-jwt`	CVE-2023-52428	HIGH	9.8.1	9.37.2
`com.nimbusds:nimbus-jose-jwt`	CVE-2023-52428	HIGH	9.8.1	9.37.2
`com.nimbusds:nimbus-jose-jwt`	CVE-2023-52428	HIGH	9.8.1	9.37.2
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.14.0	3.4.0, 1.17.6
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.6.0	3.4.0, 1.17.6
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.6.0	3.4.0, 1.17.6
`com.squareup.okio:okio`	CVE-2023-3635	MEDIUM	1.6.0	3.4.0, 1.17.6
`com.squareup.okio:okio-jvm`	CVE-2023-3635	MEDIUM	3.2.0	3.4.0
`com.squareup.okio:okio-jvm`	CVE-2023-3635	MEDIUM	3.2.0	3.4.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.11.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.8.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.8.0	2.14.0
`commons-io:commons-io`	CVE-2024-47554	HIGH	2.8.0	2.14.0
`commons-net:commons-net`	CVE-2021-37533	MEDIUM	3.6	3.9.0
`commons-net:commons-net`	CVE-2021-37533	MEDIUM	3.6	3.9.0
`commons-net:commons-net`	CVE-2021-37533	MEDIUM	3.6	3.9.0
`dnsjava:dnsjava`	CVE-2024-25638	HIGH	2.1.7	3.6.0
`dnsjava:dnsjava`	CVE-2024-25638	HIGH	2.1.7	3.6.0
`dnsjava:dnsjava`	CVE-2024-25638	HIGH	2.1.7	3.6.0
`io.airlift:aircompressor`	CVE-2024-36114	HIGH	0.21	0.27
`io.netty:netty`	CVE-2019-20444	CRITICAL	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2019-20444	CRITICAL	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2015-2156	HIGH	3.7.0.Final	3.10.3.Final, 3.9.8.Final
`io.netty:netty`	CVE-2015-2156	HIGH	3.7.0.Final	3.10.3.Final, 3.9.8.Final
`io.netty:netty`	CVE-2021-37136	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-37136	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-37137	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-37137	HIGH	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2014-0193	MEDIUM	3.7.0.Final	3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
`io.netty:netty`	CVE-2014-0193	MEDIUM	3.7.0.Final	3.6.9.Final, 3.7.1.Final, 3.8.2.Final, 3.9.1.Final, 4.0.19.Final
`io.netty:netty`	CVE-2019-20445	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2019-20445	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21290	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21290	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21295	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21295	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21409	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-21409	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-43797	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty`	CVE-2021-43797	MEDIUM	3.7.0.Final	4.0.0
`io.netty:netty-codec`	CVE-2021-37136	HIGH	4.1.61.Final	4.1.68.Final
`io.netty:netty-codec`	CVE-2021-37137	HIGH	4.1.61.Final	4.1.68.Final
`io.netty:netty-codec-http`	CVE-2021-43797	MEDIUM	4.1.61.Final	4.1.71.Final
`io.netty:netty-codec-http`	CVE-2022-24823	MEDIUM	4.1.61.Final	4.1.77.Final
`io.netty:netty-codec-http`	CVE-2024-29025	MEDIUM	4.1.61.Final	4.1.108.Final
`io.netty:netty-common`	CVE-2024-47535	MEDIUM	4.1.61.Final	4.1.115
`io.netty:netty-common`	CVE-2024-47535	MEDIUM	4.1.74.Final	4.1.115
`io.netty:netty-common`	CVE-2024-47535	MEDIUM	4.1.74.Final	4.1.115
`io.netty:netty-handler`	CVE-2023-34462	MEDIUM	4.1.61.Final	4.1.94.Final
`io.netty:netty-handler`	CVE-2023-34462	MEDIUM	4.1.74.Final	4.1.94.Final
`io.netty:netty-handler`	CVE-2023-34462	MEDIUM	4.1.74.Final	4.1.94.Final
`net.minidev:json-smart`	CVE-2021-31684	HIGH	1.3.2	1.3.3, 2.4.4
`net.minidev:json-smart`	CVE-2021-31684	HIGH	1.3.2	1.3.3, 2.4.4
`net.minidev:json-smart`	CVE-2021-31684	HIGH	1.3.2	1.3.3, 2.4.4
`net.minidev:json-smart`	CVE-2023-1370	HIGH	1.3.2	2.4.9
`net.minidev:json-smart`	CVE-2023-1370	HIGH	1.3.2	2.4.9
`net.minidev:json-smart`	CVE-2023-1370	HIGH	1.3.2	2.4.9
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.11.0	1.11.4
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.11.0	1.11.3
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.7.7	1.11.4
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.7.7	1.11.4
`org.apache.avro:avro`	CVE-2024-47561	CRITICAL	1.7.7	1.11.4
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.7.7	1.11.3
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.7.7	1.11.3
`org.apache.avro:avro`	CVE-2023-39410	HIGH	1.7.7	1.11.3
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-25710	HIGH	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-compress`	CVE-2024-26308	MEDIUM	1.21	1.26.0
`org.apache.commons:commons-configuration2`	CVE-2024-29131	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29131	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29131	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29133	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29133	MEDIUM	2.1.1	2.10.1
`org.apache.commons:commons-configuration2`	CVE-2024-29133	MEDIUM	2.1.1	2.10.1
`org.apache.derby:derby`	CVE-2022-46337	CRITICAL	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0
`org.apache.hadoop:hadoop-common`	CVE-2022-25168	CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
`org.apache.hadoop:hadoop-common`	CVE-2022-25168	CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
`org.apache.hadoop:hadoop-common`	CVE-2022-25168	CRITICAL	3.3.2	2.10.2, 3.2.4, 3.3.3
`org.apache.hadoop:hadoop-common`	CVE-2024-23454	LOW	3.3.2	3.4.0
`org.apache.hadoop:hadoop-common`	CVE-2024-23454	LOW	3.3.2	3.4.0
`org.apache.hadoop:hadoop-common`	CVE-2024-23454	LOW	3.3.2	3.4.0
`org.apache.ivy:ivy`	CVE-2022-46751	HIGH	2.5.1	2.5.2
`org.apache.kafka:kafka-clients`	CVE-2024-31141	MEDIUM	2.8.1	3.7.1
`org.apache.kafka:kafka-clients`	CVE-2024-31141	MEDIUM	2.8.1	3.7.1
`org.apache.mesos:mesos`	CVE-2018-1330	HIGH	1.4.3	1.6.0
`org.apache.thrift:libthrift`	CVE-2019-0205	HIGH	0.12.0	0.13.0
`org.apache.thrift:libthrift`	CVE-2020-13949	HIGH	0.12.0	0.14.0
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.4.8	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.4.8	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2017-5637	HIGH	3.4.8	3.4.10, 3.5.3
`org.apache.zookeeper:zookeeper`	CVE-2017-5637	HIGH	3.4.8	3.4.10, 3.5.3
`org.apache.zookeeper:zookeeper`	CVE-2018-8012	HIGH	3.4.8	3.4.10, 3.5.4-beta
`org.apache.zookeeper:zookeeper`	CVE-2018-8012	HIGH	3.4.8	3.4.10, 3.5.4-beta
`org.apache.zookeeper:zookeeper`	CVE-2019-0201	MEDIUM	3.4.8	3.4.14, 3.5.5
`org.apache.zookeeper:zookeeper`	CVE-2019-0201	MEDIUM	3.4.8	3.4.14, 3.5.5
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.6.2	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2023-44981	CRITICAL	3.6.2	3.7.2, 3.8.3, 3.9.1
`org.apache.zookeeper:zookeeper`	CVE-2024-23944	MEDIUM	3.6.2	3.8.4, 3.9.2
`org.apache.zookeeper:zookeeper`	CVE-2024-23944	MEDIUM	3.6.2	3.8.4, 3.9.2
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.43.v20210629	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.43.v20210629	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.43.v20210629	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.43.v20210629	12.0.12
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.43.v20210629	12.0.12
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.43.v20210629	12.0.12
`org.eclipse.jetty:jetty-http`	CVE-2022-2047	LOW	9.4.43.v20210629	9.4.47, 10.0.10, 11.0.10
`org.eclipse.jetty:jetty-http`	CVE-2022-2047	LOW	9.4.43.v20210629	9.4.47, 10.0.10, 11.0.10
`org.eclipse.jetty:jetty-http`	CVE-2022-2047	LOW	9.4.43.v20210629	9.4.47, 10.0.10, 11.0.10
`org.eclipse.jetty:jetty-http`	CVE-2023-40167	MEDIUM	9.4.48.v20220622	9.4.52, 10.0.16, 11.0.16, 12.0.1
`org.eclipse.jetty:jetty-http`	CVE-2024-6763	MEDIUM	9.4.48.v20220622	12.0.12
`org.eclipse.jetty:jetty-server`	CVE-2023-26048	MEDIUM	9.4.48.v20220622	9.4.51.v20230217, 10.0.14, 11.0.14
`org.eclipse.jetty:jetty-server`	CVE-2024-8184	MEDIUM	9.4.48.v20220622	12.0.9, 10.0.24, 11.0.24, 9.4.56
`org.eclipse.jetty:jetty-server`	CVE-2023-26049	LOW	9.4.48.v20220622	9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0
`org.eclipse.jetty:jetty-servlets`	CVE-2024-9823	MEDIUM	9.4.48.v20220622	9.4.54, 10.0.18, 11.0.18
`org.eclipse.jetty:jetty-servlets`	CVE-2023-36479	LOW	9.4.48.v20220622	9.4.52, 10.0.16, 11.0.16
`org.eclipse.jetty:jetty-xml`	GHSA-58qw-p7qm-5rvh	LOW	9.4.43.v20210629	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
`org.eclipse.jetty:jetty-xml`	GHSA-58qw-p7qm-5rvh	LOW	9.4.43.v20210629	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
`org.eclipse.jetty:jetty-xml`	GHSA-58qw-p7qm-5rvh	LOW	9.4.43.v20210629	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823
`org.hibernate.validator:hibernate-validator`	CVE-2020-10693	MEDIUM	6.0.13.Final	6.1.5.Final, 6.0.20.Final
`org.hibernate.validator:hibernate-validator`	CVE-2020-10693	MEDIUM	6.0.13.Final	6.1.5.Final, 6.0.20.Final
`org.hibernate.validator:hibernate-validator`	CVE-2020-10693	MEDIUM	6.0.13.Final	6.1.5.Final, 6.0.20.Final
`org.hibernate.validator:hibernate-validator`	CVE-2023-1932	MEDIUM	6.0.13.Final	6.2.0.Final
`org.hibernate.validator:hibernate-validator`	CVE-2023-1932	MEDIUM	6.0.13.Final	6.2.0.Final
`org.hibernate.validator:hibernate-validator`	CVE-2023-1932	MEDIUM	6.0.13.Final	6.2.0.Final
`org.infinispan.protostream:protostream`	CVE-2023-5236	HIGH	4.6.0.Final	4.6.2.Final
`org.infinispan.protostream:protostream`	CVE-2023-5236	HIGH	4.6.0.Final	4.6.2.Final
`org.infinispan.protostream:protostream`	CVE-2023-5236	HIGH	4.6.0.Final	4.6.2.Final
`org.infinispan:infinispan-commons`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-commons`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-commons`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-core`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-core`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.infinispan:infinispan-core`	CVE-2023-5384	MEDIUM	14.0.5.Final	15.0.0.Dev07, 14.0.25.Final
`org.json:json`	CVE-2022-45688	HIGH	20220924	20230227
`org.json:json`	CVE-2022-45688	HIGH	20220924	20230227
`org.json:json`	CVE-2022-45688	HIGH	20220924	20230227
`org.json:json`	CVE-2023-5072	HIGH	20220924	20231013
`org.json:json`	CVE-2023-5072	HIGH	20220924	20231013
`org.json:json`	CVE-2023-5072	HIGH	20220924	20231013
`org.xerial.snappy:snappy-java`	CVE-2023-34455	HIGH	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34455	HIGH	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34455	HIGH	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-43642	HIGH	1.1.8.4	1.1.10.4
`org.xerial.snappy:snappy-java`	CVE-2023-43642	HIGH	1.1.8.4	1.1.10.4
`org.xerial.snappy:snappy-java`	CVE-2023-43642	HIGH	1.1.8.4	1.1.10.4
`org.xerial.snappy:snappy-java`	CVE-2023-34453	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34453	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34453	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34454	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34454	MEDIUM	1.1.8.4	1.1.10.1
`org.xerial.snappy:snappy-java`	CVE-2023-34454	MEDIUM	1.1.8.4	1.1.10.1
`org.yaml:snakeyaml`	CVE-2022-1471	HIGH	1.31	2.0
`org.yaml:snakeyaml`	CVE-2022-38752	MEDIUM	1.31	1.32
`org.yaml:snakeyaml`	CVE-2022-41854	MEDIUM	1.31	1.32
`software.amazon.ion:ion-java`	CVE-2024-21634	HIGH	1.0.2	1.10.5

No Misconfigurations found

`Python`

1 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 0 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`setuptools`	CVE-2024-6345	HIGH	68.2.2	70.0.0

No Misconfigurations found

`opt/bitnami/java`

No Vulnerabilities found

No Misconfigurations found

`opt/bitnami/python`

15 known vulnerabilities found (CRITICAL: 1 HIGH: 7 MEDIUM: 6 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`python`	CVE-2023-36632	HIGH	3.10.13-20	3.11.4
`python`	CVE-2023-6597	HIGH	3.10.13-20	3.8.19, 3.9.19, 3.10.14, 3.11.8, 3.12.1
`python`	CVE-2024-0397	HIGH	3.10.13-20	3.8.20, 3.9.20, 3.10.14, 3.11.9, 3.12.3
`python`	CVE-2024-4032	HIGH	3.10.13-20	3.8.20, 3.9.20, 3.10.15, 3.11.10, 3.12.4
`python`	CVE-2024-6232	HIGH	3.10.13-20	3.12.6, 3.11.10, 3.10.15, 3.9.20, 3.8.20
`python`	CVE-2024-7592	HIGH	3.10.13-20	3.12.6, 3.11.10, 3.10.15, 3.9.20, 3.8.20
`python`	CVE-2023-27043	MEDIUM	3.10.13-20	3.8.20, 3.12.6, 3.11.10, 3.10.15, 3.9.20
`python`	CVE-2024-0450	MEDIUM	3.10.13-20	3.8.19, 3.9.19, 3.10.14, 3.11.8, 3.12.2
`python`	CVE-2024-50602	MEDIUM	3.10.13-20	3.13.1, 3.12.8, 3.11.11, 3.10.16, 3.9.21
`python`	CVE-2024-6923	MEDIUM	3.10.13-20	3.8.20, 3.9.20, 3.10.15, 3.11.10, 3.12.5
`python`	CVE-2024-8088	MEDIUM	3.10.13-20	3.8.20, 3.9.20, 3.10.15, 3.11.10, 3.12.6
`python`	CVE-2024-9287	MEDIUM	3.10.13-20	3.9.21, 3.10.16, 3.11.11, 3.12.8, 3.13.1
`python`	CVE-2024-11168	LOW	3.10.13-20	3.9.21, 3.10.16, 3.11.4
`setuptools`	CVE-2024-6345	HIGH	68.2.2	70.0.0
`virtualenv`	CVE-2024-53899	CRITICAL	20.25.1	20.26.6

No Misconfigurations found

`opt/bitnami/spark`

No Vulnerabilities found

No Misconfigurations found

renovate bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from b27ce4f to 8977c8b Compare March 4, 2024 19:03

renovate bot force-pushed the renovate/all-minor-patch branch 2 times, most recently from 6dc0ae0 to c581e88 Compare March 12, 2024 13:59

renovate bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from ddc6887 to 7d9ce3e Compare April 1, 2024 16:53

renovate bot force-pushed the renovate/all-minor-patch branch 6 times, most recently from cb16084 to c389554 Compare April 10, 2024 12:55

renovate bot force-pushed the renovate/all-minor-patch branch 4 times, most recently from e2f18dd to 22336c8 Compare April 16, 2024 17:33

renovate bot force-pushed the renovate/all-minor-patch branch from 22336c8 to 88cdcba Compare April 23, 2024 19:10

renovate bot force-pushed the renovate/all-minor-patch branch 5 times, most recently from 3516dca to e9fdbb1 Compare May 7, 2024 08:30

renovate bot force-pushed the renovate/all-minor-patch branch 15 times, most recently from bd6b103 to 840240a Compare November 24, 2024 17:00

renovate bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from c667650 to dc4eda7 Compare December 3, 2024 16:33

renovate bot force-pushed the renovate/all-minor-patch branch from dc4eda7 to 8b53cd5 Compare December 6, 2024 02:46

renovate bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 1875fe6 to 5f79b6c Compare December 14, 2024 06:46

chore(deps): update all non-major dependencies

be0a7cb

renovate bot force-pushed the renovate/all-minor-patch branch from 5f79b6c to be0a7cb Compare December 14, 2024 13:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update all non-major dependencies #162

chore(deps): update all non-major dependencies #162

renovate bot commented Mar 1, 2024 •

edited

Loading

github-actions bot commented Mar 1, 2024 •

edited

Loading

github-actions bot commented Dec 14, 2024

github-actions bot commented Dec 14, 2024

chore(deps): update all non-major dependencies #162

Are you sure you want to change the base?

chore(deps): update all non-major dependencies #162

Conversation

renovate bot commented Mar 1, 2024 • edited Loading

Release Notes

v0.25.1

Features

Bug Fixes

Chores

Commits

v0.25.0

Features

Bug Fixes

Documentation

Chores

Configuration

github-actions bot commented Mar 1, 2024 • edited Loading

🦙 MegaLinter status: ⚠️ WARNING

github-actions bot commented Dec 14, 2024

Trivy image scan report

ghcr.io/bzkf/onco-analytics-on-fhir/decompose-xmls:pr-162 (debian 12.7)

8 known vulnerabilities found (CRITICAL: 2 HIGH: 2 MEDIUM: 2 LOW: 2)

No Misconfigurations found

Python

No Vulnerabilities found

No Misconfigurations found

github-actions bot commented Dec 14, 2024

Trivy image scan report

ghcr.io/bzkf/onco-analytics-on-fhir/obds-fhir-to-opal:pr-162 (debian 12.5)

53 known vulnerabilities found (CRITICAL: 4 HIGH: 21 MEDIUM: 24 LOW: 4)

No Misconfigurations found

Java

292 known vulnerabilities found (CRITICAL: 22 HIGH: 151 MEDIUM: 98 LOW: 21)

No Misconfigurations found

Python

1 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 0 LOW: 0)

No Misconfigurations found

opt/bitnami/java

No Vulnerabilities found

No Misconfigurations found

opt/bitnami/python

15 known vulnerabilities found (CRITICAL: 1 HIGH: 7 MEDIUM: 6 LOW: 1)

No Misconfigurations found

opt/bitnami/spark

No Vulnerabilities found

No Misconfigurations found

renovate bot commented Mar 1, 2024 •

edited

Loading

`v0.25.1`

`v0.25.0`

github-actions bot commented Mar 1, 2024 •

edited

Loading

`ghcr.io/bzkf/onco-analytics-on-fhir/decompose-xmls:pr-162 (debian 12.7)`

`Python`

`ghcr.io/bzkf/onco-analytics-on-fhir/obds-fhir-to-opal:pr-162 (debian 12.5)`

`Java`

`Python`

`opt/bitnami/java`

`opt/bitnami/python`

`opt/bitnami/spark`