Skip to content

Replace dependency org.hibernate:hibernate-core with org.hibernate.orm:hibernate-core (main) #208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mend-for-github-com wants to merge 1 commit into
base: main
Choose a base branch
from

Replace dependency org.hibernate:hibernate-core with org.hibernate.or…

e41cc30
Select commit
Loading
Failed to load commit list.
Open

Replace dependency org.hibernate:hibernate-core with org.hibernate.orm:hibernate-core (main) #208

Replace dependency org.hibernate:hibernate-core with org.hibernate.or…
e41cc30
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check succeeded Dec 13, 2025 in 1m 55s

Security Report

❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: gradle,sbt. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.

Scan Details Report

gradle

/tmp/ws-scm/comms-router/test/demo-helper/play-helper/build.gradle
Step Level Description Details
Preparing the project for scan ⚠Warn One or more of the installations failed failed running mend init script (mendDeps):
NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED

FAILURE: Build failed with an exception.

* Where:
Build file '/tmp/ws-scm/comms-router/test/demo-helper/play-helper/build.gradle' line: 2

* What went wrong:
Plugin [id: 'play'] was not found in any o...

maven

/tmp/ws-scm/comms-router/pom.xml
Step Level Description Details
Preparing the project for scan ⚠Warn One or more of the installations failed [ERROR] [ERROR] Some problems were encountered while processing the POMs:
[ERROR] 'dependencies.dependency.version' for org.hibernate:hibernate-core:jar is missing. @ line 53, column 17
Resolving the project ⚠Warn Some problems occurred while performing the resolution operation
  • Failed to execute command: mvn org.apache.maven.plugins:maven-dependency-plugin:3.6.0:tree -DoutputFile=whitesource_mvn_dependency_tree.txt -Dverbose -DoutputType=text -T1 -B
    Error lines:
    [NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens java.base/java.util=ALL-UNNAMED --add-opens java.base/sun.reflect.generics.reflectiveObjects=ALL-UNNAMED]
    Output lines:
    [[INFO] Scanning for project...
  • Fallback is used, returns direct dependencies only

✔️ 👍 You have successfully remediated 110 vulnerabilities in this branch:
Vulnerability Vulnerable Library
CVE-2020-10969 jackson-databind-2.8.4.jar
CVE-2022-40664 shiro-core-1.4.0.jar
CVE-2019-12086 jackson-databind-2.8.4.jar
CVE-2020-10650 jackson-databind-2.8.4.jar
CVE-2024-38828 spring-core-4.3.7.RELEASE.jar
CVE-2020-11112 jackson-databind-2.8.4.jar
WS-2018-0124 jackson-core-2.8.4.jar
CVE-2022-38750 snakeyaml-1.17.jar
CVE-2019-10086 commons-beanutils-1.9.3.jar
CVE-2025-53864 nimbus-jose-jwt-4.41.2.jar
CVE-2023-1932 hibernate-validator-5.4.1.Final.jar
CVE-2024-30172 bcprov-jdk15on-1.56.jar
CVE-2020-14062 jackson-databind-2.8.4.jar
CVE-2025-48924 commons-lang3-3.4.jar
CVE-2023-33201 bcprov-jdk15on-1.56.jar
CVE-2019-16942 jackson-databind-2.8.4.jar
CVE-2022-1471 snakeyaml-1.17.jar
WS-2019-0379 commons-codec-1.10.jar
CVE-2024-30171 bcprov-jdk15on-1.56.jar
CVE-2025-35036 hibernate-validator-5.4.1.Final.jar
WS-2017-3734 httpclient-4.5.jar
CVE-2020-14195 jackson-databind-2.8.4.jar
CVE-2020-10693 hibernate-validator-5.4.1.Final.jar
CVE-2022-22970 spring-core-4.3.7.RELEASE.jar
CVE-2025-48924 commons-lang-2.4.jar
CVE-2018-1272 spring-core-4.3.7.RELEASE.jar
CVE-2020-11989 shiro-core-1.4.0.jar
CVE-2023-25581 pac4j-core-2.2.1.jar
CVE-2023-46749 shiro-web-1.4.0.jar
CVE-2019-12422 shiro-crypto-cipher-1.4.0.jar
CVE-2022-40664 shiro-web-1.4.0.jar
CVE-2021-29425 commons-io-2.5.jar
CVE-2020-17510 shiro-web-1.4.0.jar
CVE-2023-1370 json-smart-2.3.jar
CVE-2022-38749 snakeyaml-1.17.jar
CVE-2022-25857 snakeyaml-1.17.jar
CVE-2022-38751 snakeyaml-1.17.jar
CVE-2023-44483 xmlsec-2.0.5.jar
CVE-2019-12400 xmlsec-2.0.5.jar
CVE-2025-52999 jackson-core-2.8.9.jar
CVE-2023-34478 shiro-core-1.4.0.jar
CVE-2020-13933 shiro-core-1.4.0.jar
CVE-2025-48924 commons-lang3-3.5.jar
CVE-2021-27568 json-smart-2.3.jar
CVE-2022-41854 snakeyaml-1.17.jar
WS-2017-3734 httpclient-4.3.6.jar
CVE-2019-16943 jackson-databind-2.8.4.jar
CVE-2020-10968 jackson-databind-2.8.4.jar
CVE-2023-52428 nimbus-jose-jwt-4.41.2.jar
CVE-2019-14540 jackson-databind-2.8.4.jar
CVE-2024-47554 commons-io-2.5.jar
CVE-2020-10673 jackson-databind-2.8.4.jar
CVE-2024-38820 spring-core-4.3.7.RELEASE.jar
WS-2022-0468 jackson-core-2.8.9.jar
CVE-2018-19360 jackson-databind-2.8.4.jar
CVE-2019-20330 jackson-databind-2.8.4.jar
CVE-2023-2976 guava-25.0-jre.jar
CVE-2020-10672 jackson-databind-2.8.4.jar
CVE-2017-7525 jackson-databind-2.8.4.jar
CVE-2025-52999 jackson-core-2.8.4.jar
CVE-2020-11113 jackson-databind-2.8.4.jar
CVE-2025-41249 spring-core-4.3.7.RELEASE.jar
CVE-2025-49128 jackson-core-2.8.9.jar
CVE-2020-1957 shiro-web-1.4.0.jar
CVE-2018-15756 spring-core-4.3.7.RELEASE.jar
CVE-2020-11619 jackson-databind-2.8.4.jar
CVE-2020-13956 httpclient-4.5.jar
CVE-2022-38752 snakeyaml-1.17.jar
CVE-2022-34169 xalan-2.7.2.jar
CVE-2019-17359 bcprov-jdk15on-1.56.jar
CVE-2018-11040 spring-core-4.3.7.RELEASE.jar
CVE-2018-1199 spring-core-4.3.7.RELEASE.jar
CVE-2020-8908 guava-25.0-jre.jar
CVE-2022-45688 json-20080701.jar
CVE-2020-14061 jackson-databind-2.8.4.jar
CVE-2020-13956 httpclient-4.5.3.jar
CVE-2024-29857 bcprov-jdk15on-1.56.jar
CVE-2022-42004 jackson-databind-2.8.4.jar
CVE-2018-1000632 dom4j-1.6.1.jar
CVE-2019-12422 shiro-core-1.4.0.jar
CVE-2019-17195 nimbus-jose-jwt-4.41.2.jar
CVE-2020-11620 jackson-databind-2.8.4.jar
WS-2022-0468 jackson-core-2.8.4.jar
CVE-2019-17267 jackson-databind-2.8.4.jar
CVE-2022-42003 jackson-databind-2.8.4.jar
CVE-2020-26939 bcprov-jdk15on-1.56.jar
CVE-2019-14892 jackson-databind-2.8.4.jar
CVE-2023-33202 bcprov-jdk15on-1.56.jar
CVE-2023-46749 shiro-core-1.4.0.jar
CVE-2023-46750 shiro-web-1.4.0.jar
CVE-2021-44228 log4j-core-2.8.2.jar
CVE-2020-13956 httpclient-4.3.6.jar
CVE-2025-49128 jackson-core-2.8.4.jar
CVE-2020-13936 velocity-1.7.jar
WS-2017-3805 json-20080701.jar
CVE-2025-48734 commons-beanutils-1.9.3.jar
CVE-2020-10683 dom4j-1.6.1.jar
CVE-2018-1000180 bcprov-jdk15on-1.56.jar
CVE-2025-48924 commons-lang3-3.2.1.jar
CVE-2020-11111 jackson-databind-2.8.4.jar
CVE-2020-14060 jackson-databind-2.8.4.jar
CVE-2022-32532 shiro-core-1.4.0.jar
CVE-2019-10202 jackson-databind-2.8.4.jar
CVE-2019-10755 pac4j-saml-2.3.1.jar
CVE-2020-11989 shiro-web-1.4.0.jar
WS-2019-0379 commons-codec-1.9.jar
CVE-2021-45046 log4j-core-2.8.2.jar
CVE-2023-5072 json-20080701.jar
CVE-2014-0114 commons-beanutils-1.9.3.jar
CVE-2019-14900 hibernate-core-5.2.11.Final.jar

Base branch total remaining vulnerabilities: 138
Base branch commit: 4e5656db54be4b22481fe3774c2caeba51bac190


Total libraries scanned: 91

Scan token: 1a09d59346824172b6394c2cb1a5b401

View more details on Mend for GitHub.com