tag:github.com,2008:https://github.com/anypointcloud/json-logger/releasesRelease notes from json-logger2025-09-04T10:14:35Ztag:github.com,2008:Repository/815291344/v3.0.22025-09-04T15:28:44Zv3.0.2<h2>What's Changed</h2>
<ul>
<li>Use commons-lang3 in pojo generation by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3382725213" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/40" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/40/hovercard" href="https://github.com/anypointcloud/json-logger/pull/40">#40</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/anypointcloud/json-logger/compare/v3.0.1...v3.0.2"><tt>v3.0.1...v3.0.2</tt></a></p>mtransiertag:github.com,2008:Repository/815291344/v3.0.12025-09-02T07:44:29Zv3.0.1<h2>What's Changed</h2>
<ul>
<li>Fixed mimeType detection in DW module by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3085436831" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/15" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/15/hovercard" href="https://github.com/anypointcloud/json-logger/pull/15">#15</a></li>
<li>Bump commons-beanutils:commons-beanutils from 1.9.4 to 1.11.0 by <a class="user-mention notranslate" data-hovercard-type="organization" data-hovercard-url="/orgs/dependabot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dependabot">@dependabot</a>[bot] in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3113009527" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/16" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/16/hovercard" href="https://github.com/anypointcloud/json-logger/pull/16">#16</a></li>
<li>Make jms and amqp connectors optional by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3114125597" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/17" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/17/hovercard" href="https://github.com/anypointcloud/json-logger/pull/17">#17</a></li>
<li>Updated operation parameter API for JMS destination by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3168684662" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/19" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/19/hovercard" href="https://github.com/anypointcloud/json-logger/pull/19">#19</a></li>
<li>Fix critical and high alerts by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3219619744" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/21" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/21/hovercard" href="https://github.com/anypointcloud/json-logger/pull/21">#21</a></li>
<li>Update parent version by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3219670969" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/22" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/22/hovercard" href="https://github.com/anypointcloud/json-logger/pull/22">#22</a></li>
<li>Update README.md by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3219726891" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/24" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/24/hovercard" href="https://github.com/anypointcloud/json-logger/pull/24">#24</a></li>
<li>Updated dependencies by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3231218922" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/26" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/26/hovercard" href="https://github.com/anypointcloud/json-logger/pull/26">#26</a></li>
<li>Release action by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3222905263" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/25" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/25/hovercard" href="https://github.com/anypointcloud/json-logger/pull/25">#25</a></li>
<li>Configure Sonatype Central publishing by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rhoegg/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rhoegg">@rhoegg</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3373698177" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/31" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/31/hovercard" href="https://github.com/anypointcloud/json-logger/pull/31">#31</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="organization" data-hovercard-url="/orgs/dependabot/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/dependabot">@dependabot</a>[bot] made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3113009527" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/16" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/16/hovercard" href="https://github.com/anypointcloud/json-logger/pull/16">#16</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/anypointcloud/json-logger/compare/v2.2.3...v3.0.1"><tt>v2.2.3...v3.0.1</tt></a></p>mtransiertag:github.com,2008:Repository/815291344/v3.0.02025-05-23T03:20:56Zv3.0.0<p>[maven-release-plugin] copy for tag v3.0.0</p>rhoeggtag:github.com,2008:Repository/815291344/v2.2.32025-05-23T06:29:17Zv2.2.3<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/tonedef71/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/tonedef71">@tonedef71</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2821492793" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/9" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/9/hovercard" href="https://github.com/anypointcloud/json-logger/pull/9">#9</a></li>
<li>Fix CI build by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2845773902" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/12" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/12/hovercard" href="https://github.com/anypointcloud/json-logger/pull/12">#12</a></li>
<li>Check input in stringifyNonJSON and other dw methods by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2845615518" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/11" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/11/hovercard" href="https://github.com/anypointcloud/json-logger/pull/11">#11</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/tonedef71/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/tonedef71">@tonedef71</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2821492793" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/9" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/9/hovercard" href="https://github.com/anypointcloud/json-logger/pull/9">#9</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/anypointcloud/json-logger/compare/2.2.2...v2.2.3"><tt>2.2.2...v2.2.3</tt></a></p>mtransiertag:github.com,2008:Repository/815291344/2.2.22025-02-12T13:38:09Z2.2.2<h2>What's Changed</h2>
<ul>
<li>Replaced joda-time by JDK Date and Time API</li>
<li>Upgraded dependencies</li>
<li>Removed unused dependencies</li>
<li>Fixed AMQP destination</li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/anypointcloud/json-logger/compare/2.2.1...2.2.2"><tt>2.2.1...2.2.2</tt></a></p>mtransiertag:github.com,2008:Repository/815291344/2.2.12025-02-12T13:38:22Z2.2.1<h2>What's Changed</h2>
<ul>
<li>Reorganized folder structure</li>
<li>Added Apache 2 license</li>
<li>Removed deployment script</li>
<li>Updated README to cover manual exchange deployment</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/mtransier/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/mtransier">@mtransier</a> made their first contribution in <a class="commit-link" data-hovercard-type="commit" data-hovercard-url="https://github.com/anypointcloud/json-logger/commit/08277c5ed340dbcfcb87dca5f5ef3ba634c14581/hovercard" href="https://github.com/anypointcloud/json-logger/commit/08277c5ed340dbcfcb87dca5f5ef3ba634c14581"><tt>08277c5</tt></a></li>
<li><a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rhoegg/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://github.com/rhoegg">@rhoegg</a> made their first contribution in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2417501194" data-permission-text="Title is private" data-url="https://github.com/anypointcloud/json-logger/issues/2" data-hovercard-type="pull_request" data-hovercard-url="/anypointcloud/json-logger/pull/2/hovercard" href="https://github.com/anypointcloud/json-logger/pull/2">#2</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a class="commit-link" href="https://github.com/anypointcloud/json-logger/compare/mule4.3x-v2.1.0...2.2.1"><tt>mule4.3x-v2.1.0...2.2.1</tt></a></p>mtransiertag:github.com,2008:Repository/815291344/v2.2.02024-04-10T14:16:48Zv2.2.0<p>Updated for Java 17</p>mtransiertag:github.com,2008:Repository/815291344/mule4.3x-v2.1.02022-11-17T18:40:47Zmule4.3x-v2.1.0: Merge pull request #50 from mulesoft-consulting/mule-4.3.x+<h1>JSON Logger 2.0.1 Vulnerabilities Fixed in this PR</h1>
<h2>Critical Severity</h2>
<ul>
<li>✗ XML External Entity (XXE) Injection [Critical Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLWOODSTOX-2928754] in com.fasterxml.woodstox:woodstox-core@5.0.2<br>
introduced by org.mule.services:mule-service-weave:mule-service@2.1.2 > org.mule.weave:runtime@2.1.2 > org.mule.weave:core-modules@2.1.2 > com.fasterxml.woodstox:woodstox-core@5.0.2<br>
This issue was fixed in versions: 5.3.0</li>
<li>✗ Remote Code Execution (RCE) [Critical Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGMULERUNTIME-1089453] in org.mule.runtime:mule-core@4.1.1<br>
introduced by org.mule.runtime:mule-core@4.1.1<br>
This issue was fixed in versions: 4.3.0</li>
<li>✗ XML External Entity (XXE) Injection [Critical Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGMULERUNTIME-1089455] in org.mule.runtime:mule-core@4.1.1<br>
introduced by org.mule.runtime:mule-core@4.1.1<br>
This issue was fixed in versions: 4.3.0</li>
<li>✗ Remote Code Execution [Critical Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751] in org.springframework:<a href="mailto:spring-beans@5.1.6.RELEASE">spring-beans@5.1.6.RELEASE</a><br>
introduced by org.mule.connectors:mule-jms-connector:mule-plugin@1.6.3 > org.mule.connectors:mule-jms-client@1.6.2 > org.springframework:<a href="mailto:spring-jms@5.1.6.RELEASE">spring-jms@5.1.6.RELEASE</a> > org.springframework:<a href="mailto:spring-beans@5.1.6.RELEASE">spring-beans@5.1.6.RELEASE</a><br>
This issue was fixed in versions: 5.2.20, 5.3.18</li>
</ul>
<h2>High Severity</h2>
<ul>
<li>✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360] in org.yaml:snakeyaml@1.18<br>
introduced by org.mule.runtime:mule-core@4.1.1 > org.yaml:snakeyaml@1.18<br>
This issue was fixed in versions: 1.31</li>
<li>✗ XML External Entity (XXE) Injection [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302] in com.fasterxml.jackson.core:jackson-databind@2.10.3<br>
introduced by com.fasterxml.jackson.core:jackson-databind@2.10.3</li>
<li>✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244] in com.fasterxml.jackson.core:jackson-databind@2.10.3<br>
introduced by com.fasterxml.jackson.core:jackson-databind@2.10.3</li>
<li>✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-NETMINIDEV-1078499] in net.minidev:json-smart@2.3<br>
introduced by com.jayway.jsonpath:json-path@2.4.0 > net.minidev:json-smart@2.3</li>
<li>✗ XML External Entity (XXE) Injection [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-DOM4J-174153] in dom4j:dom4j@1.6.1<br>
introduced by org.mule.runtime:mule-module-extensions-spring-support@4.1.1 > dom4j:dom4j@1.6.1<br>
No upgrade or patch available</li>
<li>✗ Denial of Service (DoS) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGJSON-2841369] in org.json:json@20160810<br>
introduced by org.mule.runtime:mule-metadata-model-json@1.1.1 > org.everit.json:org.everit.json.schema@1.5.0 > org.json:json@20160810<br>
This issue was fixed in versions: 20180130</li>
<li>✗ XML External Entity (XXE) Injection [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-DOM4J-2812975] in dom4j:dom4j@1.6.1<br>
introduced by org.mule.runtime:mule-module-extensions-spring-support@4.1.1 > dom4j:dom4j@1.6.1<br>
No upgrade or patch available</li>
<li>✗ XML External Entity (XXE) Injection [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEXMLBEANS-1060048] in org.apache.xmlbeans:xmlbeans@2.6.0<br>
introduced by org.mule.runtime:mule-metadata-model-xml@1.1.1 > org.apache.xmlbeans:xmlbeans@2.6.0<br>
This issue was fixed in versions: 3.0.0</li>
</ul>
<h2>Medium Severity</h2>
<ul>
<li>✗ Denial of Service (DoS) (new) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424] in com.fasterxml.jackson.core:jackson-databind@2.10.3<br>
introduced by com.fasterxml.jackson.core:jackson-databind@2.10.3</li>
<li>✗ Denial of Service (DoS) (new) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426] in com.fasterxml.jackson.core:jackson-databind@2.10.3<br>
introduced by com.fasterxml.jackson.core:jackson-databind@2.10.3</li>
<li>✗ Denial of Service (DoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698] in com.fasterxml.jackson.core:jackson-databind@2.10.3<br>
introduced by com.fasterxml.jackson.core:jackson-databind@2.10.3</li>
<li>✗ Denial of Service (DoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-NETMINIDEV-1298655] in net.minidev:json-smart@2.3<br>
introduced by com.jayway.jsonpath:json-path@2.4.0 > net.minidev:json-smart@2.3</li>
<li>✗ Deserialization of Untrusted Data [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327] in com.google.code.gson:gson@2.8.5<br>
introduced by com.mulesoft.muleesb.modules:anypoint-mq-rest-client@3.1.0 > com.google.code.gson:gson@2.8.5<br>
This issue was fixed in versions: 2.8.9</li>
<li>✗ Directory Traversal [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMMONSIO-1277109] in commons-io:commons-io@2.6<br>
introduced by org.mule.connectors:mule-jms-connector:mule-plugin@1.6.3 > commons-io:commons-io@2.6<br>
This issue was fixed in versions: 2.7</li>
<li>✗ Server-side Request Forgery (SSRF) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGMULERUNTIME-1089457] in org.mule.runtime:mule-core@4.1.1<br>
introduced by org.mule.runtime:mule-core@4.1.1<br>
This issue was fixed in versions: 4.3.0</li>
<li>✗ Improper Output Neutralization for Logs [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2329097] in org.springframework:<a href="mailto:spring-core@5.0.4.RELEASE">spring-core@5.0.4.RELEASE</a><br>
introduced by com.mulesoft.muleesb.modules:anypoint-mq-rest-client@3.1.0 > org.springframework:<a href="mailto:spring-core@5.0.4.RELEASE">spring-core@5.0.4.RELEASE</a><br>
This issue was fixed in versions: 5.3.12, 5.2.18</li>
<li>✗ Improper Input Validation [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2330878] in org.springframework:<a href="mailto:spring-core@5.0.4.RELEASE">spring-core@5.0.4.RELEASE</a><br>
introduced by com.mulesoft.muleesb.modules:anypoint-mq-rest-client@3.1.0 > org.springframework:<a href="mailto:spring-core@5.0.4.RELEASE">spring-core@5.0.4.RELEASE</a><br>
This issue was fixed in versions: 5.2.19.RELEASE, 5.3.14</li>
<li>✗ Multipart Content Pollution [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-460644] in org.springframework:<a href="mailto:spring-core@5.0.4.RELEASE">spring-core@5.0.4.RELEASE</a><br>
introduced by com.mulesoft.muleesb.modules:anypoint-mq-rest-client@3.1.0 > org.springframework:<a href="mailto:spring-core@5.0.4.RELEASE">spring-core@5.0.4.RELEASE</a><br>
This issue was fixed in versions: 4.3.14.RELEASE, 5.0.5.RELEASE</li>
<li>✗ Denial of Service (DoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2434828] in org.springframework:<a href="mailto:spring-expression@4.1.9.RELEASE">spring-expression@4.1.9.RELEASE</a><br>
introduced by org.mule.runtime:mule-module-extensions-spring-support@4.1.1 > org.mule.runtime:mule-module-spring-config@4.1.1 > org.springframework:<a href="mailto:spring-context@4.1.9.RELEASE">spring-context@4.1.9.RELEASE</a> > org.springframework:<a href="mailto:spring-expression@4.1.9.RELEASE">spring-expression@4.1.9.RELEASE</a><br>
This issue was fixed in versions: 5.2.20.RELEASE, 5.3.17</li>
<li>✗ Denial of Service (DoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2823313] in org.springframework:<a href="mailto:spring-beans@5.1.6.RELEASE">spring-beans@5.1.6.RELEASE</a><br>
introduced by org.mule.connectors:mule-jms-connector:mule-plugin@1.6.3 > org.mule.connectors:mule-jms-client@1.6.2 > org.springframework:<a href="mailto:spring-jms@5.1.6.RELEASE">spring-jms@5.1.6.RELEASE</a> > org.springframework:<a href="mailto:spring-beans@5.1.6.RELEASE">spring-beans@5.1.6.RELEASE</a><br>
This issue was fixed in versions: 5.2.22.RELEASE, 5.3.20</li>
<li>✗ Improper Handling of Case Sensitivity [Low Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2689634] in org.springframework:<a href="mailto:spring-context@4.1.9.RELEASE">spring-context@4.1.9.RELEASE</a><br>
introduced by org.mule.runtime:mule-module-extensions-spring-support@4.1.1 > org.mule.runtime:mule-module-spring-config@4.1.1 > org.springframework:<a href="mailto:spring-context@4.1.9.RELEASE">spring-context@4.1.9.RELEASE</a><br>
This issue was fixed in versions: 5.2.21, 5.3.19</li>
<li>✗ Denial of Service (DoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORK-2823310] in org.springframework:<a href="mailto:spring-messaging@5.1.6.RELEASE">spring-messaging@5.1.6.RELEASE</a><br>
introduced by org.mule.connectors:mule-jms-connector:mule-plugin@1.6.3 > org.mule.connectors:mule-jms-client@1.6.2 > org.springframework:<a href="mailto:spring-jms@5.1.6.RELEASE">spring-jms@5.1.6.RELEASE</a> > org.springframework:<a href="mailto:spring-messaging@5.1.6.RELEASE">spring-messaging@5.1.6.RELEASE</a><br>
This issue was fixed in versions: 5.2.22.RELEASE, 5.3.20</li>
<li>✗ Stack-based Buffer Overflow [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-3016891] in org.yaml:snakeyaml@1.18<br>
introduced by org.mule.runtime:mule-core@4.1.1 > org.yaml:snakeyaml@1.18<br>
This issue was fixed in versions: 1.31</li>
<li>✗ Denial of Service (DoS) [Medium Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-537645] in org.yaml:snakeyaml@1.18<br>
introduced by org.mule.runtime:mule-core@4.1.1 > org.yaml:snakeyaml@1.18<br>
This issue was fixed in versions: 1.26</li>
</ul>
<h2>Low Severity</h2>
<ul>
<li>✗ Information Disclosure [Low Severity][https://security.snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-1015415] in com.google.guava:<a href="mailto:guava@25.1-jre">guava@25.1-jre</a><br>
introduced by org.mule.connectors:mule-jms-connector:mule-plugin@1.6.3 > com.google.guava:<a href="mailto:guava@25.1-jre">guava@25.1-jre</a><br>
This issue was fixed in versions: 30.0-android, 30.0-jre</li>
<li>✗ Stack-based Buffer Overflow [Low Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-3016888] in org.yaml:snakeyaml@1.18<br>
introduced by org.mule.runtime:mule-core@4.1.1 > org.yaml:snakeyaml@1.18<br>
This issue was fixed in versions: 1.32</li>
<li>✗ Stack-based Buffer Overflow [Low Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-3016889] in org.yaml:snakeyaml@1.18<br>
introduced by org.mule.runtime:mule-core@4.1.1 > org.yaml:snakeyaml@1.18<br>
This issue was fixed in versions: 1.31</li>
</ul>sup-mule