Get a Demo

Let's Patch It!

Book a short call with one our specialists, we'll walk you through how Endor Patches work, and ask you a few questions about your environment (like your primary programming languages and repository management). We'll also send you an email right after you fill out the form, feel free to reply with any questions you have in advance!

Patch

org.codehaus.jettison:jettison 1.5.3

Back to all
Package Version

org.codehaus.jettison:jettison 1.5.3

Github Repository

Package Version Scores

Overall
0
/10
Security
7
Activity
8
Popularity
7
Quality
7
All Factors
Security
Activity
Popularity
Code Quality
Quality
Pull Requests from Bots
Pull requests from bot accounts indicate that the project is using automation for development tasks.
Quality
Pull Requests from Bots
Pull requests from bot accounts indicate that the project is using automation for development tasks.

Endor Patches

Patch Name
CVEs fixed
Lines of Code Changed
66d76b6a498de0ed427ed607
CVEs Fixed
C
0
H
1
+24
-1

Vulnerabilities Fixed

Cve Name
CVE ID
Severity
Jettison vulnerable to infinite recursion
CVE-2023-1436
High

Get Your First 3 Patches Free

Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request

References

Basic Information

Ecosystem
Release Date
September 10, 2024
LINES OF CODE CHANGED
+24
-1
-
on latest patch
License
Patch Available

Get Your First 3 Patches Free

Secure your app without upgrading.
Fix Without Upgrading
{
"items": [
{
"title": "Recent Issue Activity",
"description": "Recent issue activity indicates that the project is in active development",
"category": "activity",
"type": "upscore"
},
{
"title": "Open Vulnerability Related Issues",
"description": "A large number of open vulnerability related issues means that the project is not actively maintained and may have security issues. A issue is considered vulnerability related if it mentions a CVE in its message. Analysis only considers vulnerabilities associated with this repository and not its dependencies. Vulnerability information is based on OSV.dev data and Endor's vulnerability database",
"category": "security",
"type": "downscore"
},
{
"title": "High Ratio of Closed Issues",
"description": "More issues being closed than opened indicates that the project is active",
"category": "activity",
"type": "upscore"
},
{
"title": "High Ratio of Issues Created by External Contributors",
"description": "A high ratio of issues opened by external contributors indicates that the project is active",
"category": "activity",
"type": "upscore"
},
{
"title": "Pull Requests Have Labels",
"description": "Attaching labels to pull requests helps organize the development activity in the project",
"category": "code quality",
"type": "upscore"
},
{
"title": "Pull Requests from Bots",
"description": "Pull requests from bot accounts indicate that the project is using automation for development tasks",
"category": "code quality",
"type": "upscore"
},
{
"title": "Pull Requests From Dependency Management Bots",
"description": "Pull requests from dependency management bot accounts indicate that the project is using automation to keep its dependencies up to date",
"category": "code quality",
"type": "upscore"
},
{
"title": "Activity From Corporate Accounts",
"description": "Activity from corporate affiliated accounts indicates that the project may have reliable backing and support",
"category": "activity",
"type": "upscore"
},
{
"title": "Activity From Bot Accounts",
"description": "Activity from bot accounts shows that the project is using automation for some development tasks",
"category": "code quality",
"type": "upscore"
},
{
"title": "First Major Release Milestone Achieved",
"description": "The repository has reached 1.0 release status, this is a sign of maturity",
"category": "code quality",
"type": "upscore"
},
{
"title": "Frequent Releases",
"description": "The repository has frequent releases, this is a sign of a commitment to maintaining and supporting the codebase",
"category": "activity",
"type": "upscore"
},
{
"title": "Recent Release Activity",
"description": "The repository has some very recent releases and this shows that it is actively maintained",
"category": "activity",
"type": "upscore"
},
{
"title": "First Major Version Milestone Achieved",
"description": "The package has reached version 1.0.0, this is a sign of maturity",
"category": "code quality",
"type": "upscore"
},
{
"title": "Older Versions are Maintained",
"description": "The package keeps creating updates to earlier version trains, this is a sign of a commitment to maintaining and supporting the users of the project",
"category": "activity",
"type": "upscore"
},
{
"title": "Frequent Versions",
"description": "The package has frequent version creation, this is a sign of a commitment to maintaining and supporting the codebase",
"category": "activity",
"type": "upscore"
},
{
"title": "Recent Version Activity",
"description": "The package has recent version creation and this shows that it is actively maintained",
"category": "activity",
"type": "upscore"
},
{
"title": "Organization Repository",
"description": "When a repository belongs to an organization there is a lower risk of it getting abandoned in the future",
"category": "activity",
"type": "upscore"
},
{
"title": "No Known Vulnerabilities for this Version",
"description": "No vulnerabilities discovered in this version of the repository indicates that this is a version that is safe to use. Analysis only considers vulnerabilities associated with this repository and not its dependencies. Vulnerability information is based on OSV.dev data and Endor's vulnerability database",
"category": "security",
"type": "upscore"
},
{
"title": "Has Stars",
"description": "Having some stars indicates interest in the project. ",
"category": "popularity",
"type": "upscore"
},
{
"title": "Has Forks",
"description": "Having some forks shows an interest in the project",
"category": "popularity",
"type": "neutral"
},
{
"title": "Has Subscribers",
"description": "Having subscribers indicates interest in the project",
"category": "popularity",
"type": "upscore"
},
{
"title": "No Automated Build System",
"description": "Reproducible builds using makefiles or CI systems allow verification that no modifications, such as vulnerabilities or backdoors, have been introduced during a package's build process",
"category": "code quality",
"type": "downscore"
},
{
"title": "High Ratio of Test Code",
"description": "High quality projects should use tests",
"category": "code quality",
"type": "upscore"
},
{
"title": "Repository has Some Best Practice Files",
"description": "The repository has files that cover basic operational aspects of the project and this shows an emphasis on best practices",
"category": "code quality",
"type": "upscore"
}
]
}