Skip to content

Update dependency com.vonage:client to v9 (main) #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mend-for-github-com wants to merge 1 commit into
base: main
Choose a base branch
from

Update dependency com.vonage:client to v9

d7e326a
Select commit
Loading
Failed to load commit list.
Open

Update dependency com.vonage:client to v9 (main) #5

Update dependency com.vonage:client to v9
d7e326a
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed May 26, 2026 in 2m 18s

Security Report

❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: gradle. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

You have successfully remediated 56 vulnerabilities, but introduced 2 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Exploit Maturity EPSS Vulnerable Library Direct Library Suggested Fix Issue Reachability
WS-2026-0003

Path to dependency file: /build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.19.0/a90640e59ea42632a8e331ff1d6b706cf306050a/jackson-core-2.19.0.jar

Dependency Hierarchy:

-> client-9.3.0.jar (Root Library)

   -> jackson-datatype-jsr310-2.19.0.jar

     -> ❌ jackson-core-2.19.0.jar (Vulnerable Library)

High 7.5 Not Defined Transitive jackson-core-2.19.0.jar client-9.3.0.jar Transitive com.fasterxml.jackson.core:jackson-core:2.18.6,https://github.com/FasterXML/jackson-core.git - jackson-core-2.21.1,https://github.com/FasterXML/jackson-core.git - jackson-core-2.18.6,tools.jackson.core:jackson-core:3.1.0,https://github.com/FasterXML/jackson-core.git - jackson-core-3.1.0 None
CVE-2025-48924

Path to dependency file: /build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.17.0/b17d2136f0460dcc0d2016ceefca8723bdf4ee70/commons-lang3-3.17.0.jar

Dependency Hierarchy:

-> client-9.3.0.jar (Root Library)

   -> ❌ commons-lang3-3.17.0.jar (Vulnerable Library)

Medium 5.3 Not Defined 0.095% Transitive commons-lang3-3.17.0.jar client-9.3.0.jar Transitive 3.18.0 None

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2020-36183 jackson-databind-2.9.9.jar
CVE-2020-14061 jackson-databind-2.9.9.jar
CVE-2019-16942 jackson-databind-2.9.9.jar
CVE-2020-14060 jackson-databind-2.9.9.jar
CVE-2020-11112 jackson-databind-2.9.9.jar
CVE-2020-36182 jackson-databind-2.9.9.jar
CVE-2020-35728 jackson-databind-2.9.9.jar
CVE-2020-9546 jackson-databind-2.9.9.jar
CVE-2020-14062 jackson-databind-2.9.9.jar
CVE-2020-36184 jackson-databind-2.9.9.jar
CVE-2020-11111 jackson-databind-2.9.9.jar
CVE-2020-35490 jackson-databind-2.9.9.jar
CVE-2020-36185 jackson-databind-2.9.9.jar
CVE-2020-29582 kotlin-stdlib-1.3.31.jar
CVE-2022-42004 jackson-databind-2.9.9.jar
CVE-2020-36180 jackson-databind-2.9.9.jar
CVE-2020-10969 jackson-databind-2.9.9.jar
CVE-2020-36179 jackson-databind-2.9.9.jar
WS-2026-0003 jackson-core-2.9.9.jar
CVE-2020-10650 jackson-databind-2.9.9.jar
CVE-2019-12814 jackson-databind-2.9.9.jar
CVE-2020-10672 jackson-databind-2.9.9.jar
CVE-2020-24750 jackson-databind-2.9.9.jar
WS-2019-0379 commons-codec-1.11.jar
CVE-2025-52999 jackson-core-2.9.9.jar
CVE-2022-24329 kotlin-stdlib-1.3.31.jar
CVE-2020-9548 jackson-databind-2.9.9.jar
CVE-2019-14892 jackson-databind-2.9.9.jar
CVE-2020-11113 jackson-databind-2.9.9.jar
CVE-2020-14195 jackson-databind-2.9.9.jar
CVE-2020-36187 jackson-databind-2.9.9.jar
CVE-2020-8840 jackson-databind-2.9.9.jar
CVE-2021-29425 commons-io-2.5.jar
CVE-2020-36188 jackson-databind-2.9.9.jar
CVE-2020-24616 jackson-databind-2.9.9.jar
CVE-2020-11619 jackson-databind-2.9.9.jar
CVE-2021-20190 jackson-databind-2.9.9.jar
WS-2022-0468 jackson-core-2.9.9.jar
CVE-2020-10673 jackson-databind-2.9.9.jar
CVE-2019-14540 jackson-databind-2.9.9.jar
CVE-2019-20330 jackson-databind-2.9.9.jar
CVE-2019-17267 jackson-databind-2.9.9.jar
CVE-2025-49128 jackson-core-2.9.9.jar
CVE-2025-48924 commons-lang3-3.5.jar
CVE-2020-9547 jackson-databind-2.9.9.jar
CVE-2020-35491 jackson-databind-2.9.9.jar
CVE-2020-10968 jackson-databind-2.9.9.jar
CVE-2022-42003 jackson-databind-2.9.9.jar
CVE-2020-36186 jackson-databind-2.9.9.jar
CVE-2020-36189 jackson-databind-2.9.9.jar
CVE-2020-36181 jackson-databind-2.9.9.jar
CVE-2019-16943 jackson-databind-2.9.9.jar
CVE-2024-47554 commons-io-2.5.jar
CVE-2020-11620 jackson-databind-2.9.9.jar
CVE-2020-25649 jackson-databind-2.9.9.jar
CVE-2020-13956 httpclient-4.5.8.jar

Base branch total remaining vulnerabilities: 56
Base branch commit: 12ec9977edfe934fa90d7aeb7a99e9059990d923


Total libraries scanned: 15

Scan token: a998d0c059d94443b5afc4ac04abbce4

View more details on Mend for GitHub.com