Skip to content

Sync up this path publish-async-query-core.yml from main to 2.19-dev and also changing the JAVA to 17 #4996

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Swiddis merged 1 commit into from
Jan 6, 2026

Sync up this path publish-async-query-core.yml from main to 2.19-dev …

45399f7
Select commit
Loading
Failed to load commit list.
Merged

Sync up this path publish-async-query-core.yml from main to 2.19-dev and also changing the JAVA to 17 #4996

Sync up this path publish-async-query-core.yml from main to 2.19-dev …
45399f7
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed Dec 24, 2025 in 3m 56s

Security Report

1 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue
CVE-2025-68161

Path to dependency file: /common/build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.logging.log4j/log4j-core/2.21.0/122e1a9e0603cc9eae07b0846a6ff01f2454bc49/log4j-core-2.21.0.jar

Dependency Hierarchy:

-> ❌ log4j-core-2.21.0.jar (Vulnerable Library)

Medium 5.4 Direct log4j-core-2.21.0.jar log4j-core-2.21.0.jar 2.25.3 None

Base branch total remaining vulnerabilities: 0
Base branch commit: cbcdbd6fc918e4a356480300c208aa76f468fbf1


Total libraries scanned: 194

Scan token: e03dc87b42c84882a205b667a4ca24fc

View more details on Mend for GitHub.com