
[ALS-10712] Dockerize Build #96

Open

JamesPeck wants to merge 1 commit into main from use-jar


Conversation

@JamesPeck

No description provided.

JamesPeck requested a review from Gcolon021 on April 10, 2026 at 12:27
@dbmi-svc-checkmarx

Checkmarx One – Scan Summary & Details (scan e0ebc7d3-f5f2-4aac-aa88-81141614cba1)


New Issues (106): Checkmarx found the following issues in this Pull Request (79 shown)

| # | Severity | Issue | Source File / Package | Recommended version | Attack Vector | Attack Complexity | Checkmarx Insight | Description |
|---|---|---|---|---|---|---|---|---|
| 1 | CRITICAL | CVE-2024-31573 | Maven-org.xmlunit:xmlunit-core-2.9.1 | 2.10.0 | NETWORK | LOW | Vulnerable Package | XMLUnit for Java has Insecure Defaults when Processing XSLT Stylesheets. This issue affects the package org.xmlunit:xmlunit-core versions prior to ... |
| 2 | CRITICAL | CVE-2024-50379 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits Remote Code Execution on case-insen... |
| 3 | CRITICAL | CVE-2024-52316 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Unchecked Error Condition vulnerability in Apache Tomcat versions 9.0.0-M1 through 9.0.95, 10.1.0-M1 through 10.1.30, and 11.0.0-M1 through 11.0.0-... |
| 4 | CRITICAL | CVE-2024-56337 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. Users running Tomcat on a case insensitive file system with the ... |
| 5 | CRITICAL | CVE-2025-24813 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution (RCE) and/or Information disclosure and/or malicious content added to... |
| 6 | CRITICAL | CVE-2025-31651 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability was found within Apache Tomcat. For a subset of unlikely rewrite rule c... |
| 7 | CRITICAL | CVE-2025-55754 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log me... |
| 8 | CRITICAL | CVE-2025-55754 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log me... |
| 9 | HIGH | CVE-2023-44487 | Maven-io.netty:netty-codec-http2-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploi... |
| 10 | HIGH | CVE-2024-22262 | Maven-org.springframework:spring-web-6.1.5 | 6.1.21 | NETWORK | LOW | Vulnerable Package; Exploitable Path: build@...ach/dump/AuditLoggingFilter.java - ... - build@...b/util/UriComponentsBuilder.java | Applications that use "UriComponentsBuilder" to parse an externally provided URL (e.g. through a query parameter) and perform validation checks on ... |
| 11 | HIGH | CVE-2024-34750 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, To... |
| 12 | HIGH | CVE-2024-38286 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat versions 9.0.13 through 9.0.8... |
| 13 | HIGH | CVE-2024-38816 | Maven-org.springframework:spring-webmvc-6.1.5 | 6.2.10 | NETWORK | LOW | Vulnerable Package | Applications serving static resources through the functional web frameworks "WebMvc.fn" or "WebFlux.fn" are vulnerable to Path Traversal attacks. A... |
| 14 | HIGH | CVE-2024-38819 | Maven-org.springframework:spring-webmvc-6.1.5 | 6.2.10 | NETWORK | LOW | Vulnerable Package | Applications serving static resources through the functional web frameworks "WebMvc.fn" or "WebFlux.fn" are vulnerable to path traversal attacks. A... |
| 15 | HIGH | CVE-2024-57699 | Maven-net.minidev:json-smart-2.5.1 | 2.5.2 | NETWORK | LOW | Vulnerable Package | A security issue was found in Netplex Json-smart. When loading a specially crafted JSON input, containing a large number of "{", a stack exhaustion... |
| 16 | HIGH | CVE-2024-57699 | Maven-net.minidev:json-smart-2.5.0 | 2.5.2 | NETWORK | LOW | Vulnerable Package | A security issue was found in Netplex Json-smart. When loading a specially crafted JSON input, containing a large number of "{", a stack exhaustion... |
| 17 | HIGH | CVE-2025-31650 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Input Validation vulnerability was found in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in inc... |
| 18 | HIGH | CVE-2025-41249 | Maven-org.springframework:spring-core-6.1.5 | 6.2.11 | NETWORK | LOW | Vulnerable Package | The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized s... |
| 19 | HIGH | CVE-2025-41249 | Maven-org.springframework:spring-core-6.1.11 | 6.2.11 | NETWORK | LOW | Vulnerable Package | The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized s... |
| 20 | HIGH | CVE-2025-41249 | Maven-org.springframework:spring-core-6.2.6 | 6.2.11 | NETWORK | LOW | Vulnerable Package | The Spring Framework annotation detection mechanism may not correctly resolve annotations on methods within type hierarchies with a parameterized s... |
| 21 | HIGH | CVE-2025-46701 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that a... |
| 22 | HIGH | CVE-2025-46701 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that a... |
| 23 | HIGH | CVE-2025-48988 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat versions 9.0.0.M1 through 9.... |
| 24 | HIGH | CVE-2025-48988 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat versions 9.0.0.M1 through 9.... |
| 25 | HIGH | CVE-2025-48989 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache... |
| 26 | HIGH | CVE-2025-48989 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the made you reset attack. This issue affects Apache... |
| 27 | HIGH | CVE-2025-52520 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a Denial of Service (DoS) vi... |
| 28 | HIGH | CVE-2025-52520 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a Denial of Service (DoS) vi... |
| 29 | HIGH | CVE-2025-53506 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces th... |
| 30 | HIGH | CVE-2025-53506 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Uncontrolled Resource Consumption vulnerability in Apache Tomcat if an HTTP/2 client did not acknowledge the initial settings frame that reduces th... |
| 31 | HIGH | CVE-2025-55163 | Maven-io.netty:netty-codec-http2-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | Netty is an asynchronous, event-driven network application framework. Netty is vulnerable to the "MadeYouReset" DDoS attack. This is a logical vuln... |
| 32 | HIGH | CVE-2025-55752 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | HIGH | Vulnerable Package | Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug "60013" introduced a regression where the rewritten URL was normalised befo... |
| 33 | HIGH | CVE-2025-55752 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | HIGH | Vulnerable Package | Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug "60013" introduced a regression where the rewritten URL was normalised befo... |
| 34 | HIGH | CVE-2026-24400 | Maven-org.assertj:assertj-core-3.24.2 | 3.27.7 | LOCAL | LOW | Vulnerable Package | AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in version 1.4.0 prior to 3.27.7 and 4.0.0-M1, an ... |
| 35 | HIGH | CVE-2026-24400 | Maven-org.assertj:assertj-core-3.25.3 | 3.27.7 | LOCAL | LOW | Vulnerable Package | AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in version 1.4.0 prior to 3.27.7 and 4.0.0-M1, an ... |
| 36 | HIGH | CVE-2026-24400 | Maven-org.assertj:assertj-core-3.26.3 | 3.27.7 | LOCAL | LOW | Vulnerable Package | AssertJ provides Fluent testing assertions for Java and the Java Virtual Machine (JVM). Starting in version 1.4.0 prior to 3.27.7 and 4.0.0-M1, an ... |
| 37 | HIGH | CVE-2026-33870 | Maven-io.netty:netty-codec-http-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Affected versio... |
| 38 | HIGH | CVE-2026-33871 | Maven-io.netty:netty-codec-http2-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of `CONTINUATION` frames. The server's lack of... |
| 39 | HIGH | Cxfa47c4e4-5ef9 | Maven-com.fasterxml.jackson.core:jackson-core-2.19.0 | 2.21.1 | NETWORK | LOW | Vulnerable Package | The non-blocking (async) JSON parser in jackson-core bypasses the "maxNumberLength" constraint (default: 1000 characters) defined in "StreamReadCon... |
| 40 | HIGH | Cxfa47c4e4-5ef9 | Maven-com.fasterxml.jackson.core:jackson-core-2.15.2 | 2.18.6 | NETWORK | LOW | Vulnerable Package | The non-blocking (async) JSON parser in jackson-core bypasses the "maxNumberLength" constraint (default: 1000 characters) defined in "StreamReadCon... |
| 41 | MEDIUM | CVE-2023-34462 | Maven-io.netty:netty-handler-4.1.86.Final | 4.1.118.Final | NETWORK | LOW | Vulnerable Package | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clien... |
| 42 | MEDIUM | CVE-2024-12798 | Maven-ch.qos.logback:logback-classic-1.5.6 | 1.5.24 | LOCAL | LOW | Vulnerable Package | Arbitrary Code Execution vulnerability in "JaninoEventEvaluator" by QOS.CH logback in Java applications, allows attackers to execute arbitrary code... |
| 43 | MEDIUM | CVE-2024-12798 | Maven-ch.qos.logback:logback-core-1.5.6 | 1.5.25 | LOCAL | LOW | Vulnerable Package | Arbitrary Code Execution vulnerability in "JaninoEventEvaluator" by QOS.CH logback in Java applications, allows attackers to execute arbitrary code... |
| 44 | MEDIUM | CVE-2024-12798 | Maven-ch.qos.logback:logback-core-1.4.14 | 1.5.25 | LOCAL | LOW | Vulnerable Package | Arbitrary Code Execution vulnerability in "JaninoEventEvaluator" by QOS.CH logback in Java applications, allows attackers to execute arbitrary code... |
| 45 | MEDIUM | CVE-2024-12798 | Maven-ch.qos.logback:logback-classic-1.4.14 | 1.5.24 | LOCAL | LOW | Vulnerable Package | Arbitrary Code Execution vulnerability in "JaninoEventEvaluator" by QOS.CH logback in Java applications, allows attackers to execute arbitrary code... |
| 46 | MEDIUM | CVE-2024-25710 | Maven-org.apache.commons:commons-compress-1.24.0 | 1.26.0 | LOCAL | LOW | Vulnerable Package | Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress 1.3 thr... |
| 47 | MEDIUM | CVE-2024-26308 | Maven-org.apache.commons:commons-compress-1.24.0 | 1.26.0 | LOCAL | LOW | Vulnerable Package | Allocation of Resources Without Limits or Throttling Vulnerability in Apache Commons Compress. This issue affects Apache Commons Compress versions ... |
| 48 | MEDIUM | CVE-2024-29025 | Maven-io.netty:netty-codec-http-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | Netty is an asynchronous event-driven network application framework for the rapid development of maintainable high-performance protocol servers & c... |
| 49 | MEDIUM | CVE-2024-38809 | Maven-org.springframework:spring-web-6.1.5 | 6.1.21 | NETWORK | LOW | Vulnerable Package | The package "org.springframework:spring-web" versions through 5.3.37, 6.0.0-M1 through 6.0.22, and 6.1.0-M1 through 6.1.11 are vulnerable to Denial... |
| 50 | MEDIUM | CVE-2024-47535 | Maven-io.netty:netty-common-4.1.86.Final | 4.1.108.Final-redhat-00002 | LOCAL | LOW | Vulnerable Package | Netty is an asynchronous event-driven network application framework for rapidly developing maintainable high-performance protocol servers & clients... |
| 51 | MEDIUM | CVE-2025-11226 | Maven-ch.qos.logback:logback-core-1.5.18 | 1.5.25 | LOCAL | LOW | Vulnerable Package | Arbitrary Code Execution (ACE) vulnerability in conditional configuration file processing by QOS.CH logback-core versions through 1.5.18 in Java ap... |
| 52 | MEDIUM | CVE-2025-11226 | Maven-ch.qos.logback:logback-core-1.5.6 | 1.5.25 | LOCAL | LOW | Vulnerable Package | Arbitrary Code Execution (ACE) vulnerability in conditional configuration file processing by QOS.CH logback-core versions through 1.5.18 in Java ap... |
| 53 | MEDIUM | CVE-2025-11226 | Maven-ch.qos.logback:logback-core-1.4.14 | 1.5.25 | LOCAL | LOW | Vulnerable Package | Arbitrary Code Execution (ACE) vulnerability in conditional configuration file processing by QOS.CH logback-core versions through 1.5.18 in Java ap... |
| 54 | MEDIUM | CVE-2025-41234 | Maven-org.springframework:spring-web-6.1.5 | 6.1.21 | NETWORK | HIGH | Vulnerable Package; Exploitable Path: build@...ach/dump/AuditLoggingFilter.java - ... - build@...ork/http/ContentDisposition.java | In Spring Framework, versions 6.0.x through 6.0.28, 6.1.x through 6.1.20, 6.2.x through 6.2.7, and 7.x through 7.0.0-m5, an application is vulnerab... |
| 55 | MEDIUM | CVE-2025-41234 | Maven-org.springframework:spring-web-6.2.6 | 6.2.8 | NETWORK | HIGH | Vulnerable Package; Exploitable Path: build@...ach/dump/AuditLoggingFilter.java - ... - build@...ork/http/ContentDisposition.java | In Spring Framework, versions 6.0.x through 6.0.28, 6.1.x through 6.1.20, 6.2.x through 6.2.7, and 7.x through 7.0.0-m5, an application is vulnerab... |
| 56 | MEDIUM | CVE-2025-41242 | Maven-org.springframework:spring-webmvc-6.2.6 | 6.2.10 | NETWORK | HIGH | Vulnerable Package | Spring Framework MVC applications version through 6.2.9 can be vulnerable to a Path Traversal Vulnerability, when deployed on a non-compliant Servl... |
| 57 | MEDIUM | CVE-2025-41242 | Maven-org.springframework:spring-webmvc-6.1.5 | 6.2.10 | NETWORK | HIGH | Vulnerable Package | Spring Framework MVC applications version through 6.2.9 can be vulnerable to a Path Traversal Vulnerability, when deployed on a non-compliant Servl... |
| 58 | MEDIUM | CVE-2025-49125 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using `PreResources` or `PostResources` mounted other... |
| 59 | MEDIUM | CVE-2025-49125 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Tomcat. When using `PreResources` or `PostResources` mounted other... |
| 60 | MEDIUM | CVE-2025-49146 | Maven-org.postgresql:postgresql-42.7.5 | 42.7.7 | NETWORK | HIGH | Vulnerable Package | The pgjdbc is an open-source postgresql JDBC Driver. When the PostgreSQL JDBC driver is configured with channel binding set to required (default va... |
| 61 | MEDIUM | CVE-2025-55668 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects org.apache.tomcat:tomcat-catalina: versions from 8.0.0-RC1 th... |
| 62 | MEDIUM | CVE-2025-55668 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Session Fixation vulnerability in Apache Tomcat via rewrite valve. This issue affects org.apache.tomcat:tomcat-catalina: versions from 8.0.0-RC1 th... |
| 63 | MEDIUM | CVE-2025-58057 | Maven-io.netty:netty-codec-http-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clien... |
| 64 | MEDIUM | CVE-2025-58057 | Maven-io.netty:netty-codec-http2-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clien... |
| 65 | MEDIUM | CVE-2025-58057 | Maven-io.netty:netty-codec-4.1.86.Final | 4.1.123.Final-redhat-00001 | NETWORK | LOW | Vulnerable Package | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clien... |
| 66 | MEDIUM | CVE-2025-61795 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | HIGH | Vulnerable Package | Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a ... |
| 67 | MEDIUM | CVE-2025-61795 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | HIGH | Vulnerable Package | Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a ... |
| 68 | MEDIUM | CVE-2025-66614 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package; Exploitable Path: getAttribute@...nary/AuditAttributes.java - ... - getAttribute@...net/AbstractEndpoint.java | Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, 10.0.0-M1 through 10.1.49, and 8.5.0 th... |
| 69 | MEDIUM | CVE-2025-66614 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package; Exploitable Path: getAttribute@...nary/AuditAttributes.java - ... - getAttribute@...net/AbstractEndpoint.java | Improper Input Validation vulnerability. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.14, 10.0.0-M1 through 10.1.49, and 8.5.0 th... |
| 70 | MEDIUM | CVE-2025-67735 | Maven-io.netty:netty-codec-http-4.1.86.Final | 4.1.132.Final | NETWORK | LOW | Vulnerable Package | Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.129.Final and 4.2.x prior to 4.2.8.Final, the `io.ne... |
| 71 | MEDIUM | CVE-2026-24734 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port ... |
| 72 | MEDIUM | CVE-2026-24734 | Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19 | 10.1.49.redhat-00007 | NETWORK | LOW | Vulnerable Package | Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port ... |
| 73 | MEDIUM | Container Capabilities Unrestricted | /docker-compose.dev.yml: 15 | | | | | Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... |
| 74 | MEDIUM | Container Capabilities Unrestricted | /docker-compose.yml: 25 | | | | | Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... |
| 75 | MEDIUM | Container Capabilities Unrestricted | /docker-compose.yml: 4 | | | | | Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... |
| 76 | MEDIUM | Container Capabilities Unrestricted | /docker-compose.yml: 14 | | | | | Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... |
| 77 | MEDIUM | Container Capabilities Unrestricted | /docker-compose.dev.yml: 6 | | | | | Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnec... |

More results are available on the CxOne platform


Use @Checkmarx to interact with Checkmarx PR Assistant.
Examples:
@Checkmarx how are you able to help me?
@Checkmarx rescan this PR
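Most of the 72 Maven findings in the bot comment above are the same CVE reported against one artifact that the build resolves at two or three different versions (spring-core at 6.1.5, 6.1.11 and 6.2.6; tomcat-embed-core at 10.1.19 and 10.1.40; logback-core at 1.4.14, 1.5.6 and 1.5.18), which is what a multi-module build or several transitive paths produce when nothing pins the framework version. The script below is an added example, not part of this PR or of Checkmarx's tooling: it parses text in the shape of the comment (including the "details" label that GitHub fuses onto the "Recommended version" line when the comment is copied as plain text), then collapses the findings into one upgrade target per Maven groupId, keeping the highest severity, the highest recommended version and whether the scanner reported an exploitable path. The grouping rule (one target per groupId, highest recommended version wins, reachable groups first) is a triage heuristic of my own, not something the scanner states, and SAMPLE is a constructed subset of the comment.

```python
"""Collapse a Checkmarx SCA comment into one upgrade target per Maven groupId.

Added example, not part of the PR or of Checkmarx's tooling. SAMPLE is a
constructed subset of the scan comment, copied as plain text.
"""
import re
from collections import defaultdict

SEVERITY_RANK = {"CRITICAL": 4, "HIGH": 3, "MEDIUM": 2, "LOW": 1}

# "<n> <SEVERITY> <issue id> Maven-<groupId>:<artifactId>-<version>"
HEADER_RE = re.compile(
    r"^(\d+) (CRITICAL|HIGH|MEDIUM|LOW) (\S+) Maven-([^:\s]+):(.+?)-(\d\S*)$")
# GitHub's collapsible "details" label may be fused onto this line.
FIX_RE = re.compile(r"^(?:details)?Recommended version: (\S+)$")

SAMPLE = """\
2 CRITICAL CVE-2024-50379 Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.19
detailsRecommended version: 10.1.49.redhat-00007
Description: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability ...
Attack Vector: NETWORK
Attack Complexity: LOW
Vulnerable Package
8 CRITICAL CVE-2025-55754 Maven-org.apache.tomcat.embed:tomcat-embed-core-10.1.40
detailsRecommended version: 10.1.49.redhat-00007
10 HIGH CVE-2024-22262 Maven-org.springframework:spring-web-6.1.5
detailsRecommended version: 6.1.21
Exploitable Path: build@...ach/dump/AuditLoggingFilter.java - ... - build@...b/util/UriComponentsBuilder.java
18 HIGH CVE-2025-41249 Maven-org.springframework:spring-core-6.1.5
detailsRecommended version: 6.2.11
19 HIGH CVE-2025-41249 Maven-org.springframework:spring-core-6.1.11
detailsRecommended version: 6.2.11
20 HIGH CVE-2025-41249 Maven-org.springframework:spring-core-6.2.6
detailsRecommended version: 6.2.11
31 HIGH CVE-2025-55163 Maven-io.netty:netty-codec-http2-4.1.86.Final
detailsRecommended version: 4.1.132.Final
41 MEDIUM CVE-2023-34462 Maven-io.netty:netty-handler-4.1.86.Final
detailsRecommended version: 4.1.118.Final
50 MEDIUM CVE-2024-47535 Maven-io.netty:netty-common-4.1.86.Final
detailsRecommended version: 4.1.108.Final-redhat-00002
42 MEDIUM CVE-2024-12798 Maven-ch.qos.logback:logback-classic-1.5.6
detailsRecommended version: 1.5.24
52 MEDIUM CVE-2025-11226 Maven-ch.qos.logback:logback-core-1.5.6
detailsRecommended version: 1.5.25
"""


def version_key(version):
    """Order by the numeric dotted prefix, then the suffix text, so that
    4.1.132.Final > 4.1.123.Final-redhat-00001 > 4.1.118.Final."""
    m = re.match(r"(\d+(?:\.\d+)*)(.*)", version)
    return tuple(int(p) for p in m.group(1).split(".")), m.group(2)


def parse_findings(text):
    """One dict per finding header; detail lines enrich the most recent header."""
    findings, current = [], None
    for line in text.splitlines():
        line = line.strip()
        m = HEADER_RE.match(line)
        if m:
            current = {"id": int(m.group(1)), "severity": m.group(2),
                       "issue": m.group(3), "group": m.group(4),
                       "artifact": m.group(5), "version": m.group(6),
                       "fix": None, "reachable": False}
            findings.append(current)
        elif current is not None:
            m = FIX_RE.match(line)
            if m:
                current["fix"] = m.group(1)
            elif line.startswith("Exploitable Path:"):
                current["reachable"] = True  # scanner found a call path into the CVE
    return findings


def upgrade_plan(findings):
    """One target per groupId: highest recommended version, highest severity,
    every artifact/version pair seen, and whether any finding was reachable."""
    plan = {}
    for f in findings:
        e = plan.setdefault(f["group"], {"fix": None, "severity": "LOW",
                                         "artifacts": defaultdict(set),
                                         "issues": set(), "reachable": False})
        e["artifacts"][f["artifact"]].add(f["version"])
        e["issues"].add(f["issue"])
        e["reachable"] = e["reachable"] or f["reachable"]
        if SEVERITY_RANK[f["severity"]] > SEVERITY_RANK[e["severity"]]:
            e["severity"] = f["severity"]
        if f["fix"] and (e["fix"] is None or version_key(f["fix"]) > version_key(e["fix"])):
            e["fix"] = f["fix"]
    return plan


def render(plan):
    """Reachable groups first, then by severity; returns printable lines."""
    order = sorted(plan.items(), key=lambda kv: (
        not kv[1]["reachable"], -SEVERITY_RANK[kv[1]["severity"]], kv[0]))
    lines = []
    for group, e in order:
        flag = " [exploitable path]" if e["reachable"] else ""
        arts = ", ".join(f"{a} {'/'.join(sorted(v, key=version_key))}"
                         for a, v in sorted(e["artifacts"].items()))
        lines.append(f"{e['severity']:8} {group}: pin to {e['fix']}{flag}; "
                     f"{len(e['issues'])} issue(s) across {arts}")
    return lines


if __name__ == "__main__":
    print("\n".join(render(upgrade_plan(parse_findings(SAMPLE)))))
```

Feed it the full comment and the 72 package rows reduce to a dozen groupIds. The practical follow-up in a Maven build is a single pin per group in the parent `dependencyManagement` (or the Spring Boot BOM version that carries them), so that every module and transitive path resolves the same fixed version; test-scoped artifacts such as assertj-core and xmlunit-core still need the bump for the scanner to go quiet but do not ship in the jar the Dockerfile packages.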

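Findings 73 to 77 above are Checkmarx's IaC query "Container Capabilities Unrestricted", raised once per service in `docker-compose.yml` and `docker-compose.dev.yml` that does not drop capabilities, so each service inherits Docker's default capability set. The compose fragment below is an added example and not the PR's compose file: the service names, image and port are assumptions. The first service has the shape the query flags; the second is the hardened equivalent for a Spring Boot jar that listens on 8080, where no capability at all is needed.

```yaml
# Added example, not the PR's docker-compose.yml. Service names, image and
# port are assumptions; the point is the cap_drop / cap_add pair.
services:
  app-unrestricted:            # flagged: inherits Docker's default capabilities
    image: example/als-app:latest
    ports:
      - "8080:8080"

  app-hardened:
    image: example/als-app:latest
    ports:
      - "8080:8080"
    cap_drop:
      - ALL                    # start from an empty capability set ...
    # cap_add:
    #   - NET_BIND_SERVICE     # ... and add back only what is proven necessary
    #                          #     (not needed here: 8080 is unprivileged)
    security_opt:
      - no-new-privileges:true # setuid/setgid binaries cannot regain privilege
    read_only: true            # immutable root filesystem for a packaged jar
    tmpfs:
      - /tmp                   # the JVM still needs a writable java.io.tmpdir
    user: "10001:10001"        # run the jar as an unprivileged uid/gid
```

To confirm the change took effect, `docker compose config` prints the resolved service definition, and inside the running container `grep CapEff /proc/1/status` shows `0000000000000000` once all capabilities are dropped; `docker inspect --format '{{.HostConfig.CapDrop}}' <container>` shows the same from the host. If the application turns out to need a capability, add exactly that one under `cap_add` rather than removing `cap_drop: [ALL]`.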

3 participants