graal-sdk 22.0.0.2 has 6 vulnerabilities

The develop branch comes with graal-sdk 22.0.0.2:

```
mvn dependency:tree -Dincludes=org.graalvm.sdk:graal-sdk
```

```
[INFO] com.intuit.karate:karate-core:jar:1.3.0-SNAPSHOT
[INFO] \- org.graalvm.js:js-scriptengine:jar:22.0.0.2:compile
[INFO]    \- org.graalvm.sdk:graal-sdk:jar:22.0.0.2:compile
```

Snyk reports 6 vulnerabilities for graal-sdk 22.0.0.2:
https://security.snyk.io/package/maven/org.graalvm.sdk:graal-sdk/22.0.0.2
* https://nvd.nist.gov/vuln/detail/CVE-2022-21434 Unsafe Reflection 
* https://nvd.nist.gov/vuln/detail/CVE-2022-21426 Denial of Service (DoS)
* https://nvd.nist.gov/vuln/detail/CVE-2022-21443 Denial of Service (DoS)
* https://nvd.nist.gov/vuln/detail/CVE-2022-21476 Information Exposure
* https://nvd.nist.gov/vuln/detail/CVE-2022-21496 Improper Input Validation 
* https://nvd.nist.gov/vuln/detail/CVE-2022-21449 Access Restriction Bypass 

Please upgrade to a fixed version of Graal.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

graal-sdk 22.0.0.2 has 6 vulnerabilities #2148

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

graal-sdk 22.0.0.2 has 6 vulnerabilities #2148

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions