SDKS-3079 Replace deprecated onActivityResult with ActivityResultContract #1071
Mend Scan Result
success
Details
�[94mChecking for updates...
�[0m
Identified 618 dependencies
Detected 2 vulnerabilities (0 Critical, 0 High, 2 Medium, 0 Low)
+----------+-------------------------+----------------+----------------------------------------------------------------------------------------------------+
| SEVERITY | LIBRARY | ID | TOP FIX |
+----------+-------------------------+----------------+----------------------------------------------------------------------------------------------------+
| MEDIUM | bcprov-jdk15on-1.68.jar | CVE-2023-33201 | Upgrade to version org.bouncycastle:bcprov-ext-jdk18on:1.74, org.bouncycastle:bcprov-jdk18on:1.74, |
| | | | org.bouncycastle:bcprov-debug-jdk18on:1.74, org.bouncycastle:bcprov-ext-debug-jdk18on:1.74, |
| | | | org.bouncycastle:bcprov-ext-jdk15to18:1.74, org.bouncycastle:bcprov-jdk15to18:1.74, |
| | | | org.bouncycastle:bcprov-debug-jdk14:1.74, org.bouncycastle:bcprov-debug-jdk15to18:1.74, |
| | | | org.bouncycastle:bcprov-ext-debug-jdk14:1.74, org.bouncycastle:bcprov-ext-debug-jdk15to18:1.74, |
| | | | org.bouncycastle:bcprov-jdk14:1.74 |
+----------+-------------------------+----------------+----------------------------------------------------------------------------------------------------+
| MEDIUM | commons-io-2.6.jar | CVE-2021-29425 | Upgrade to version commons-io:commons-io:2.7 |
+----------+-------------------------+----------------+----------------------------------------------------------------------------------------------------+
Detected 3 Policy violations
+--------------------------------+-------------+-----------------------------+
| LIBRARY | POLICY TYPE | POLICY NAME |
+--------------------------------+-------------+-----------------------------+
| javax.annotation-api-1.3.2.pom | License | Black list (viral licenses) |
+--------------------------------+-------------+-----------------------------+
| play-services-auth-20.6.0.aar | License | Black list (viral licenses) |
+--------------------------------+-------------+-----------------------------+
| play-services-fido-20.0.1.aar | License | Black list (viral licenses) |
+--------------------------------+-------------+-----------------------------+
Paths at risk
P = policy violation
MSC = malicious vulnerability
CRITICAL/HIGH/MEDIUM/LOW = CVE severity
play-services-fido-20.0.1.aar [P]
play-services-auth-20.6.0.aar [P]
|-- play-services-fido-20.0.1.aar [P]
play-services-fido-20.0.1.aar [P]
mockwebserver-2.7.5.jar]
|-- bcprov-jdk15on-1.68.jar [1 MEDIUM]
commons-io-2.6.jar [1 MEDIUM]
forgerock-auth-4.4.0]
|-- play-services-auth-20.6.0.aar [P]
|-- play-services-fido-20.0.1.aar [P]
|-- commons-io-2.6.jar [1 MEDIUM]
|-- javax.annotation-api-1.3.2.pom [P]
|-- bcprov-jdk15on-1.68.jar [1 MEDIUM]
javax.annotation-api-1.3.2.pom [P]
bcprov-jdk15on-1.68.jar [1 MEDIUM]
robolectric-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
|-- bcprov-jdk15on-1.68.jar [1 MEDIUM]
sandbox-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
utils-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
forgerock-authenticator-4.4.0]
|-- javax.annotation-api-1.3.2.pom [P]
javax.annotation-api-1.3.2.pom [P]
robolectric-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
sandbox-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
utils-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
mockwebserver-2.7.5.jar]
|-- bcprov-jdk15on-1.68.jar [1 MEDIUM]
commons-io-2.6.jar [1 MEDIUM]
forgerock-core-4.4.0]
|-- commons-io-2.6.jar [1 MEDIUM]
|-- javax.annotation-api-1.3.2.pom [P]
|-- bcprov-jdk15on-1.68.jar [1 MEDIUM]
javax.annotation-api-1.3.2.pom [P]
bcprov-jdk15on-1.68.jar [1 MEDIUM]
robolectric-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
|-- bcprov-jdk15on-1.68.jar [1 MEDIUM]
sandbox-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
utils-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
play-services-fido-20.0.1.aar [P]
mockwebserver-2.7.5.jar]
|-- bcprov-jdk15on-1.68.jar [1 MEDIUM]
commons-io-2.6.jar [1 MEDIUM]
bcprov-jdk15on-1.68.jar [1 MEDIUM]
ping-protect-4.4.0]
|-- javax.annotation-api-1.3.2.pom [P]
javax.annotation-api-1.3.2.pom [P]
robolectric-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
sandbox-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
utils-4.9.2.pom]
|-- javax.annotation-api-1.3.2.pom [P]
Support token: d3e5cd927931379f26f0b9218973b307a0aeef1a6cfcf8
Project forgerock-android-sdk was updated, for more information, visit the Core UI: https://saas.whitesourcesoftware.com/Wss/WSS.html#!project;token=2b34746a134847f78df7345265565b520982b63674434af781df3c3546cc39c1