Update ast-cli-java-wrapper to version 2.4.15 #405

cx-anurag-dalke · 2025-10-15T01:38:54Z

This PR updates the ast-cli-java-wrapper dependency in pom.xml to version 2.4.15.

github-actions · 2025-10-15T01:41:52Z

Checkmarx One – Scan Summary & Details – 10fc32e5-510a-4f06-9e73-bb64f656b588

New Issues (3)

Checkmarx found the following issues in this Pull Request

Issue	Source File / Package	Checkmarx Insight
CVE-2025-41249	Maven-org.springframework:spring-core-5.3.34	details Recommended version: 6.2.11 Description: The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized s... Attack Vector: NETWORK Attack Complexity: LOW `ID: zD9Hzw9T9Kj6NulRX66CsAfIdxeSFN27ZELQJb51IqE%3D` Vulnerable Package
CVE-2025-8916	Maven-org.bouncycastle:bcprov-jdk18on-1.78.1	details Recommended version: 1.79 Description: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpki... Attack Vector: NETWORK Attack Complexity: LOW `ID: 6r5Sd2w8562ZF4JP4WM9FD4DI%2FLAy2IDARCFqCiMyvU%3D` Vulnerable Package
CVE-2025-8916	Maven-org.bouncycastle:bcpkix-jdk18on-1.78.1	details Recommended version: 1.79 Description: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpki... Attack Vector: NETWORK Attack Complexity: LOW `ID: ZRRKR9GkVOGJPTw87OZ0%2BP5MGneZJ9oUQx3u%2F3jMFL8%3D` Vulnerable Package

Update ast-cli-java-wrapper to version 2.4.15

e5cca4a

cx-anurag-dalke enabled auto-merge October 15, 2025 01:39

Provide feedback