[
https://issues.apache.org/jira/browse/TINKERPOP-2809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17634933#comment-17634933
] ASF GitHub Bot commented on TINKERPOP-2809: ------------------------------------------- codecov-commenter commented on PR #1849: URL: https://github.com/apache/tinkerpop/pull/1849#issuecomment-1317375309 # [Codecov](https://codecov.io/gh/apache/tinkerpop/pull/1849?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report > Merging [#1849](https://codecov.io/gh/apache/tinkerpop/pull/1849?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (d165324) into [3.5-dev](https://codecov.io/gh/apache/tinkerpop/commit/e4775a699e6c2140238add91036b2e6d39da89cb?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (e4775a6) will **increase** coverage by `5.78%`. > The diff coverage is `n/a`. ```diff @@ Coverage Diff @@ ## 3.5-dev #1849 +/- ## ============================================= + Coverage 63.58% 69.37% +5.78% - Complexity 0 8918 +8918 ============================================= Files 23 861 +838 Lines 3636 40868 +37232 Branches 0 5388 +5388 ============================================= + Hits 2312 28352 +26040 - Misses 1145 10607 +9462 - Partials 179 1909 +1730 ``` | [Impacted Files](https://codecov.io/gh/apache/tinkerpop/pull/1849?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | | |---|---|---| | [...aversal/traverser/B\_LP\_NL\_O\_S\_SE\_SL\_Traverser.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC90cmF2ZXJzZXIvQl9MUF9OTF9PX1NfU0VfU0xfVHJhdmVyc2VyLmphdmE=) | `0.00% <0.00%> (ø)` | | | [...verification/VertexProgramRestrictionStrategy.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL2NvbXB1dGVyL3RyYXZlcnNhbC9zdHJhdGVneS92ZXJpZmljYXRpb24vVmVydGV4UHJvZ3JhbVJlc3RyaWN0aW9uU3RyYXRlZ3kuamF2YQ==) | `100.00% <0.00%> (ø)` | | | [...emlin/process/traversal/lambda/ValueTraversal.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC9sYW1iZGEvVmFsdWVUcmF2ZXJzYWwuamF2YQ==) | `94.73% <0.00%> (ø)` | | | [...ss/traversal/step/util/ExpandableStepIterator.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC9zdGVwL3V0aWwvRXhwYW5kYWJsZVN0ZXBJdGVyYXRvci5qYXZh) | `73.68% <0.00%> (ø)` | | | [...inkerpop/gremlin/driver/LoadBalancingStrategy.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1kcml2ZXIvc3JjL21haW4vamF2YS9vcmcvYXBhY2hlL3RpbmtlcnBvcC9ncmVtbGluL2RyaXZlci9Mb2FkQmFsYW5jaW5nU3RyYXRlZ3kuamF2YQ==) | `56.66% <0.00%> (ø)` | | | [...n/structure/io/binary/types/InstantSerializer.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9zdHJ1Y3R1cmUvaW8vYmluYXJ5L3R5cGVzL0luc3RhbnRTZXJpYWxpemVyLmphdmE=) | `100.00% <0.00%> (ø)` | | | [...raversal/step/sideEffect/LambdaSideEffectStep.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC9zdGVwL3NpZGVFZmZlY3QvTGFtYmRhU2lkZUVmZmVjdFN0ZXAuamF2YQ==) | `87.50% <0.00%> (ø)` | | | [.../gremlin/process/traversal/step/map/IndexStep.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9wcm9jZXNzL3RyYXZlcnNhbC9zdGVwL21hcC9JbmRleFN0ZXAuamF2YQ==) | `75.60% <0.00%> (ø)` | | | [.../structure/io/binary/types/MapEntrySerializer.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9zdHJ1Y3R1cmUvaW8vYmluYXJ5L3R5cGVzL01hcEVudHJ5U2VyaWFsaXplci5qYXZh) | `71.42% <0.00%> (ø)` | | | [...structure/io/graphson/GraphSONSerializersV3d0.java](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-Z3JlbWxpbi1jb3JlL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS90aW5rZXJwb3AvZ3JlbWxpbi9zdHJ1Y3R1cmUvaW8vZ3JhcGhzb24vR3JhcGhTT05TZXJpYWxpemVyc1YzZDAuamF2YQ==) | `87.98% <0.00%> (ø)` | | | ... and [828 more](https://codecov.io/gh/apache/tinkerpop/pull/1849/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) > High severity security vulnerability found in jackson databind > -------------------------------------------------------------- > > Key: TINKERPOP-2809 > URL: https://issues.apache.org/jira/browse/TINKERPOP-2809 > Project: TinkerPop > Issue Type: Bug > Components: server > Affects Versions: 3.6.1 > Reporter: Aaron Coady > Priority: Major > > Two High security vulnerabilities in jackson databind. Here are the two > links. > [https://nvd.nist.gov/vuln/detail/CVE-2022-42003] > [https://nvd.nist.gov/vuln/detail/CVE-2022-42004] > Fixes are in 2.14.0 -- This message was sent by Atlassian Jira (v8.20.10#820010)
