Skip to content

Update dependency org.springframework.boot:spring-boot-starter-web to v3.4.11 - autoclosed #25

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
mend-for-github-com wants to merge 1 commit into from

Update dependency org.springframework.boot:spring-boot-starter-web to…

6f24c07
Select commit
Loading
Failed to load commit list.
Closed

Update dependency org.springframework.boot:spring-boot-starter-web to v3.4.11 - autoclosed #25

Update dependency org.springframework.boot:spring-boot-starter-web to…
6f24c07
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed Nov 21, 2025 in 1m 48s

Security Report

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue
CVE-2025-41234

Path to dependency file: /pom.xml

Path to vulnerable library: /pom.xml

Dependency Hierarchy:

-> spring-boot-starter-web-3.3.5.jar (Root Library)

   -> spring-boot-starter-json-3.3.5.jar

     -> ❌ spring-web-6.1.14.jar (Vulnerable Library)

Medium 6.5 Transitive spring-web-6.1.14.jar spring-boot-starter-web-3.3.5.jar Transitive 6.1.21 #20

Base branch total remaining vulnerabilities: 25
Base branch commit: 23c17d47e49f3863c5f003a9e0d0c66a2a8aafa1


Total libraries scanned: 58

Scan token: 8a77df8416c3441aa9456f86c0787112

View more details on Mend for GitHub.com