Skip to content

Update dependency com.thoughtworks.xstream:xstream to v1.4.21#20

Open
dev-mend-for-github-com[bot] wants to merge 1 commit into
masterfrom
whitesource-remediate/com.thoughtworks.xstream-xstream-1.x
Open

Update dependency com.thoughtworks.xstream:xstream to v1.4.21#20
dev-mend-for-github-com[bot] wants to merge 1 commit into
masterfrom
whitesource-remediate/com.thoughtworks.xstream-xstream-1.x

Update dependency com.thoughtworks.xstream:xstream to v1.4.21

6fc3fb3
Select commit
Loading
Failed to load commit list.
Dev - Mend for GitHub.com / Mend Security Check failed Jun 26, 2026 in 4m 51s

Security Report

You have successfully remediated 12 vulnerabilities, but introduced 10 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue Reachability
CVE-2020-11023

Dependency Hierarchy:

-> ❌ jquery-1.12.4.min.js (Vulnerable Library)

Medium 6.9 Direct jquery-1.12.4.min.js jquery-1.12.4.min.js org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0,jQuery - 3.5.0 #⁠8
CVE-2020-11022

Dependency Hierarchy:

-> ❌ jquery-1.12.4.min.js (Vulnerable Library)

Medium 6.9 Direct jquery-1.12.4.min.js jquery-1.12.4.min.js org.webjars.npm:jquery:3.5.0,jquery - 3.5.0,jquery - 3.5.0,jquery-rails - 4.4.0 #⁠8
CVE-2019-8331

Dependency Hierarchy:

-> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)

Medium 6.1 Direct bootstrap-3.3.4.min.js bootstrap-3.3.4.min.js org.webjars:bootstrap:3.4.1,bootstrap - 4.3.1,bootstrap-sass - 3.4.1,bootstrap-sass - 3.4.1,bootstrap - 3.4.1,bootstrap.sass - 4.3.1,org.webjars:bootstrap:4.3.1,bootstrap - 4.3.1,bootstrap.less - 3.4.1,bootstrap - 4.3.1,bootstrap - 3.4.1 #⁠5
CVE-2019-11358

Dependency Hierarchy:

-> ❌ jquery-1.12.4.min.js (Vulnerable Library)

Medium 6.1 Direct jquery-1.12.4.min.js jquery-1.12.4.min.js org.webjars.npm:jquery:3.4.0,django - 2.2.2,jquery - 3.4.0,jquery-rails - 4.3.4,django - 2.1.9,jQuery - 3.4.0,jQuery - 3.4.0 #⁠8
CVE-2018-20677

Dependency Hierarchy:

-> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)

Medium 6.1 Direct bootstrap-3.3.4.min.js bootstrap-3.3.4.min.js bootstrap-sass - 3.4.0,bootstrap - 3.4.0,org.webjars:bootstrap:3.4.0,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,bootstrap - 3.4.0,bootstrap - 3.4.0,bootstrap-sass - 3.4.0,bootstrap-sass - 3.4.0,org.webjars:bootstrap:3.4.0 #⁠5
CVE-2018-20676

Dependency Hierarchy:

-> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)

Medium 6.1 Direct bootstrap-3.3.4.min.js bootstrap-3.3.4.min.js bootstrap - 3.4.0,bootstrap - 3.4.0,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,bootstrap-sass - 3.4.0,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,org.webjars:bootstrap:3.4.0,bootstrap-sass - 3.4.0 #⁠5
CVE-2018-14042

Dependency Hierarchy:

-> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)

Medium 6.1 Direct bootstrap-3.3.4.min.js bootstrap-3.3.4.min.js org.webjars:bootstrap:3.4.0,bootstrap.sass - 4.1.2,bootstrap - 4.1.2,org.webjars:bootstrap:4.1.2,bootstrap - 4.1.2,bootstrap - 3.4.0,bootstrap - 3.4.0,bootstrap-sass - 3.4.0,bootstrap - 4.1.2,org.webjars:bootstrap:3.4.0,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,bootstrap - 4.1.2,bootstrap - 3.4.0,bootstrap - 4.1.2,bootstrap - 4.1.2,bootstrap-sass - 3.4.0,org.webjars:bootstrap:4.1.2,bootstrap-sass - 3.4.0,bootstrap.sass - 4.1.2 #⁠5
CVE-2018-14040

Dependency Hierarchy:

-> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)

Medium 6.1 Direct bootstrap-3.3.4.min.js bootstrap-3.3.4.min.js org.webjars:bootstrap:4.1.2,https://github.com/twbs/bootstrap.git - v4.1.2,bootstrap - 4.1.2,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,bootstrap - 4.1.2,bootstrap - 4.1.2,org.webjars:bootstrap:3.4.0,bootstrap.sass - 4.1.2,bootstrap - 3.4.0 #⁠5
CVE-2016-10735

Dependency Hierarchy:

-> ❌ bootstrap-3.3.4.min.js (Vulnerable Library)

Medium 6.1 Direct bootstrap-3.3.4.min.js bootstrap-3.3.4.min.js bootstrap - 3.4.0,org.webjars:bootstrap:4.0.0-beta.2,bootstrap - 4.0.0-beta.2,bootstrap-sass - 3.4.0,bootstrap - 3.4.0,org.webjars:bootstrap:3.4.0,bootstrap-sass - 3.4.0 #⁠5
CVE-2015-9251

Dependency Hierarchy:

-> ❌ jquery-1.12.4.min.js (Vulnerable Library)

Medium 6.1 Direct jquery-1.12.4.min.js jquery-1.12.4.min.js jquery - 3.0.0,org.webjars.npm:jquery:1.12.2,jQuery - 3.0.0,jquery-rails - 4.2.0,jquery - 1.12.2,org.webjars.npm:jquery:3.0.0,jQuery - 1.12.2,jQuery - 3.0.0,org.webjars.npm:jquery:1.12.2,org.webjars.npm:jquery:3.0.0,jquery - 3.0.0,jquery - 1.12.2,jQuery - 1.12.2,jquery-rails - 4.2.0 #⁠8

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2019-11358 jquery-1.9.2.js
CVE-2024-47072 xstream-1.4.20.jar
CVE-2020-11023 jquery-2.1.4.min.js
CVE-2020-11022 jquery-1.9.2.js
CVE-2018-20677 struts-STRUTS_2_5_33
CVE-2019-11358 jquery-2.1.4.min.js
CVE-2020-11023 jquery-1.9.2.js
CVE-2026-33813 jquery-2.1.4.min.js
CVE-2015-9251 jquery-2.1.4.min.js
CVE-2015-9251 jquery-1.9.2.js
CVE-2020-11022 jquery-2.1.4.min.js
CVE-2018-14040 struts-STRUTS_2_5_33

Base branch total remaining vulnerabilities: 51
Base branch commit: null


Total libraries scanned: 101

Scan token: c1e669f091a64af3bb2ef8eea676eff4