Update dependency org.apache.logging.log4j:log4j-core to v2.25.4 #19

Security Report

You have successfully remediated 11 vulnerabilities, but introduced 8 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability	Severity	CVSS Score	Vulnerable Library	Direct Library	Suggested Fix	Issue
CVE-2020-11023 Dependency Hierarchy: -> ❌ jquery-1.12.4.min.js (Vulnerable Library)	Medium	6.9	`Direct` jquery-1.12.4.min.js	jquery-1.12.4.min.js	org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0,jQuery - 3.5.0	#8
CVE-2020-11022 Dependency Hierarchy: -> ❌ jquery-1.12.4.min.js (Vulnerable Library)	Medium	6.9	`Direct` jquery-1.12.4.min.js	jquery-1.12.4.min.js	org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0	#8
CVE-2019-11358 Dependency Hierarchy: -> ❌ jquery-1.12.4.min.js (Vulnerable Library)	Medium	6.1	`Direct` jquery-1.12.4.min.js	jquery-1.12.4.min.js	org.webjars.npm:jquery:3.4.0,django - 2.2.2,jquery - 3.4.0,jquery-rails - 4.3.4,django - 2.1.9,jQuery - 3.4.0,jQuery - 3.4.0	#8
CVE-2018-20677 Dependency Hierarchy: -> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)	Medium	6.1	`Direct` bootstrap-3.3.4.min.js	bootstrap-3.3.4.min.js	bootstrap - 3.4.0,org.webjars:bootstrap:3.4.0,bootstrap-sass - 3.4.0,bootstrap-sass - 3.4.0,bootstrap - 3.4.0	#5
CVE-2018-20676 Dependency Hierarchy: -> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)	Medium	6.1	`Direct` bootstrap-3.3.4.min.js	bootstrap-3.3.4.min.js	bootstrap - 3.4.0,bootstrap-sass - 3.4.0,org.webjars:bootstrap:3.4.0,bootstrap - 3.4.0,bootstrap-sass - 3.4.0	#5
CVE-2018-14040 Dependency Hierarchy: -> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)	Medium	6.1	`Direct` bootstrap-3.3.4.min.js	bootstrap-3.3.4.min.js	org.webjars:bootstrap:4.1.2,https://github.com/twbs/bootstrap.git - v4.1.2,bootstrap - 4.1.2,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,bootstrap - 4.1.2,bootstrap - 4.1.2,org.webjars:bootstrap:3.4.0,bootstrap.sass - 4.1.2,bootstrap - 3.4.0	#5
CVE-2016-10735 Dependency Hierarchy: -> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)	Medium	6.1	`Direct` bootstrap-3.3.4.min.js	bootstrap-3.3.4.min.js	bootstrap - 3.4.0,org.webjars:bootstrap:4.0.0-beta.2,bootstrap - 4.0.0-beta.2,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,org.webjars:bootstrap:3.4.0,bootstrap-sass - 3.4.0	#5
CVE-2015-9251 Dependency Hierarchy: -> ❌ jquery-1.12.4.min.js (Vulnerable Library)	Medium	6.1	`Direct` jquery-1.12.4.min.js	jquery-1.12.4.min.js	jquery - 3.0.0,org.webjars.npm:jquery:1.12.2,jQuery - 3.0.0,jquery-rails - 4.2.0,jquery - 1.12.2,org.webjars.npm:jquery:3.0.0,jQuery - 1.12.2,jQuery - 3.0.0,org.webjars.npm:jquery:1.12.2,org.webjars.npm:jquery:3.0.0,jquery - 3.0.0,jquery - 1.12.2,jQuery - 1.12.2,jquery-rails - 4.2.0	#8

✔️ Remediated vulnerabilities:

Vulnerability	Vulnerable Library
CVE-2019-11358	jquery-1.9.2.js
CVE-2020-11023	jquery-2.1.4.min.js
CVE-2020-11023	jquery-1.9.2.js
CVE-2020-11022	jquery-1.9.2.js
CVE-2018-20677	struts-STRUTS_2_5_33
CVE-2015-9251	jquery-2.1.4.min.js
CVE-2015-9251	jquery-1.9.2.js
CVE-2019-11358	jquery-2.1.4.min.js
CVE-2020-11022	jquery-2.1.4.min.js
CVE-2026-34480	log4j-core-2.21.1.jar
CVE-2018-14040	struts-STRUTS_2_5_33

Base branch total remaining vulnerabilities: 48
Base branch commit: null

Total libraries scanned: 101

Scan token: 14f690b72991420d98c3b548e8b159cd

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency org.apache.logging.log4j:log4j-core to v2.25.4 #19

Uh oh!

Uh oh!

Update dependency org.apache.logging.log4j:log4j-core to v2.25.4 #19

Uh oh!

Security Report

Re-running checks...

Update dependency org.apache.logging.log4j:log4j-core to v2.25.4 #19

Are you sure you want to change the base?

Uh oh!

Update dependency org.apache.logging.log4j:log4j-core to v2.25.4

Uh oh!

Update dependency org.apache.logging.log4j:log4j-core to v2.25.4 #19

Uh oh!

Security Report

Re-running checks...