[
https://issues.apache.org/jira/browse/TINKERPOP-2809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17614287#comment-17614287
] ASF GitHub Bot commented on TINKERPOP-2809: ------------------------------------------- codecov-commenter commented on PR #1823: URL: https://github.com/apache/tinkerpop/pull/1823#issuecomment-1272114495 # [Codecov](https://codecov.io/gh/apache/tinkerpop/pull/1823?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#1823](https://codecov.io/gh/apache/tinkerpop/pull/1823?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (ed075e9) into [master](https://codecov.io/gh/apache/tinkerpop/commit/58fd4d30ea386ca0d8561be6a448f1a1ee4d433e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (58fd4d3) will **decrease** coverage by `5.06%`. > The diff coverage is `n/a`. ```diff @@ Coverage Diff @@ ## master #1823 +/- ## ============================================ - Coverage 69.18% 64.11% -5.07% ============================================ Files 875 23 -852 Lines 41759 3684 -38075 Branches 5623 0 -5623 ============================================ - Hits 28890 2362 -26528 + Misses 10896 1154 -9742 + Partials 1973 168 -1805 ``` | [Impacted Files](https://codecov.io/gh/apache/tinkerpop/pull/1823?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [...kerpop/gremlin/jsr223/ScriptFileGremlinPlugin.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9qc3IyMjMvU2NyaXB0RmlsZUdyZW1saW5QbHVnaW4uamF2YQ==) | | | | [...aversal/traverser/B\_LP\_NL\_O\_S\_SE\_SL\_Traverser.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC90cmF2ZXJzZXIvQl9MUF9OTF9PX1NfU0VfU0xfVHJhdmVyc2VyLmphdmE=) | | | | [.../gryo/kryoshim/shaded/ShadedSerializerAdapter.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9zdHJ1Y3R1cmUvaW8vZ3J5by9rcnlvc2hpbS9zaGFkZWQvU2hhZGVkU2VyaWFsaXplckFkYXB0ZXIuamF2YQ==) | | | | [...egy/finalization/ComputerFinalizationStrategy.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL2NvbXB1dGVyL3RyYXZlcnNhbC9zdHJhdGVneS9maW5hbGl6YXRpb24vQ29tcHV0ZXJGaW5hbGl6YXRpb25TdHJhdGVneS5qYXZh) | | | | [.../gremlin/util/function/MutableMetricsSupplier.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi91dGlsL2Z1bmN0aW9uL011dGFibGVNZXRyaWNzU3VwcGxpZXIuamF2YQ==) | | | | [.../traversal/traverser/B\_NL\_O\_S\_SE\_SL\_Traverser.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC90cmF2ZXJzZXIvQl9OTF9PX1NfU0VfU0xfVHJhdmVyc2VyLmphdmE=) | | | | [...pop/gremlin/driver/ser/SerializationException.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1kcml2ZXIvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL3RpbmtlcnBvcC9ncmVtbGluL2RyaXZlci9zZXIvU2VyaWFsaXphdGlvbkV4Y2VwdGlvbi5qYXZh) | | | | [...pop/gremlin/process/traversal/step/Generating.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC9zdGVwL0dlbmVyYXRpbmcuamF2YQ==) | | | | [...p/gremlin/process/traversal/util/StepPosition.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC91dGlsL1N0ZXBQb3NpdGlvbi5qYXZh) | | | | [...he/tinkerpop/gremlin/jsr223/ScriptEngineCache.java](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9qc3IyMjMvU2NyaXB0RW5naW5lQ2FjaGUuamF2YQ==) | | | | ... and [842 more](https://codecov.io/gh/apache/tinkerpop/pull/1823/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) > High severity security vulnerability found in jackson databind > -------------------------------------------------------------- > > Key: TINKERPOP-2809 > URL: https://issues.apache.org/jira/browse/TINKERPOP-2809 > Project: TinkerPop > Issue Type: Bug > Components: server > Affects Versions: 3.6.1 > Reporter: Aaron Coady > Priority: Major > > Two High security vulnerabilities in jackson databind. Here are the two > links. > [https://nvd.nist.gov/vuln/detail/CVE-2022-42003] > [https://nvd.nist.gov/vuln/detail/CVE-2022-42004] > Fixes are in 2.14.0 -- This message was sent by Atlassian Jira (v8.20.10#820010)
