Get a Demo

Let's Patch It!

Book a short call with one our specialists, we'll walk you through how Endor Patches work, and ask you a few questions about your environment (like your primary programming languages and repository management). We'll also send you an email right after you fill out the form, feel free to reply with any questions you have in advance!

Patch

org.springframework.ldap:spring-ldap 1.3.1.RELEASE

Back to all
Package Version

org.springframework.ldap:spring-ldap 1.3.1.RELEASE

Github Repository

Package Version Scores

Overall
0
/10
Security
4
Activity
7
Popularity
0
Quality
0
All Factors
Security
Activity
Popularity
Code Quality
Quality
Pull Requests from Bots
Pull requests from bot accounts indicate that the project is using automation for development tasks.
Quality
Pull Requests from Bots
Pull requests from bot accounts indicate that the project is using automation for development tasks.

Endor Patches

Patch Name
CVEs fixed
Lines of Code Changed
6744ca5e9a42c317b0016d72
CVEs Fixed
C
0
H
1
+12
-3

Vulnerabilities Fixed

Cve Name
CVE ID
Severity
Improper Authentication in Pivotal Spring-LDAP
CVE-2017-8028
High

Get the Patch Instantly Without Upgrading

Fix Without Upgrading
Detect compatible fix
Apply safe remediation
Fix with a single pull request

References

Basic Information

Ecosystem
Release Date
LINES OF CODE CHANGED
+12
-3
-
on latest patch
License
Patch Available

Get the Patch Instantly

Secure your app without upgrading.
Fix Without Upgrading
{
"items": [
{
"title": "Older Releases are Maintained",
"description": "The repository keeps releasing updates to earlier release trains, this is a sign of a commitment to maintaining and supporting the users of the project",
"category": "activity",
"type": "upscore"
},
{
"title": "Unfixed Low Severity Vulnerabilities",
"description": "Unfixed low severity vulnerabilities discovered in a repository indicate a somewhat elevated security risk. Analysis only considers vulnerabilities associated with this repository and not its dependencies. Vulnerability information is based on OSV.dev data and Endor's vulnerability database",
"category": "security",
"type": "downscore"
}
]
}