Code Quality: Push on main #651

Provides transitive vulnerable dependency maven:org.yaml:snakeyaml:1.23 * [CVE-2022-1471](https://www.mend.io/vulnerability-database/CVE-2022-1471?utm_source=JetBrains) 8.3 Deserialization of Untrusted Data * [CVE-2017-18640](https://www.mend.io/vulnerability-database/CVE-2017-18640?utm_source=JetBrains) 7.5 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') * [CVE-2022-25857](https://www.mend.io/vulnerability-database/CVE-2022-25857?utm_source=JetBrains) 7.5 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') * [CVE-2022-38752](https://www.mend.io/vulnerability-database/CVE-2022-38752?utm_source=JetBrains) 6.5 Out-of-bounds Write * [CVE-2022-38751](https://www.mend.io/vulnerability-database/CVE-2022-38751?utm_source=JetBrains) 6.5 Out-of-bounds Write * [CVE-2022-38750](https://www.mend.io/vulnerability-database/CVE-2022-38750?utm_source=JetBrains) 6.5 Out-of-bounds Write * [CVE-2022-38749](https://www.mend.io/vulnerability-database/CVE-2022-38749?utm_source=JetBrains) 6.5 Out-of-bounds Write * [CVE-2022-41854](https://www.mend.io/vulnerability-database/CVE-2022-41854?utm_source=JetBrains) 5.8 Out-of-bounds Write Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)

Vulnerable declared dependency: netty-socketio-core/pom.xml#L157

Vulnerable declared dependency: netty-socketio-core/pom.xml#L152

Provides transitive vulnerable dependency maven:org.json:json:20090211 * [WS-2017-3805](https://www.mend.io/vulnerability-database/WS-2017-3805?utm_source=JetBrains) 7.5 Uncontrolled Resource Consumption ('Resource Exhaustion') * [CVE-2022-45688](https://www.mend.io/vulnerability-database/CVE-2022-45688?utm_source=JetBrains) 7.5 Out-of-bounds Write * [CVE-2023-5072](https://www.mend.io/vulnerability-database/CVE-2023-5072?utm_source=JetBrains) 7.5 Allocation of Resources Without Limits or Throttling Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)

Vulnerable declared dependency: netty-socketio-spring-boot-starter/pom.xml#L56

Vulnerable declared dependency: netty-socketio-core/pom.xml#L88

Provides transitive vulnerable dependency maven:org.lz4:lz4-java:1.8.0 * [CVE-2025-66566](https://www.mend.io/vulnerability-database/CVE-2025-66566?utm_source=Jetbrains) 7.5 yawkat LZ4 Java has a possible information leak in Java safe decompressor Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)

Vulnerable declared dependency: netty-socketio-micronaut/pom.xml#L85

Vulnerable declared dependency: netty-socketio-spring-boot-starter/pom.xml#L51

Wrapper type may be primitive: netty-socketio-core/src/main/java/com/socketio4j/socketio/transport/PollingTransport.java#L99

Type may be primitive

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L385

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L304

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L307

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L406

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L266

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L288

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/transport/PollingTransport.java#L178

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L254

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L263

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/handler/EncoderHandler.java#L293

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/handler/AuthorizeHandler.java#L304

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L382

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L409

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L394

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L275

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/transport/PollingTransport.java#L145

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/handler/EncoderHandler.java#L168

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L278

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/handler/AuthorizeHandler.java#L316

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/transport/PollingTransport.java#L157

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L296

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L397

Similar log messages

Non-distinguishable logging calls: netty-socketio-core/src/main/java/com/socketio4j/socketio/SocketIOServer.java#L251

Similar log messages

Vulnerable declared dependency: netty-socketio-spring-boot-starter/pom.xml#L51

Provides transitive vulnerable dependency maven:com.squareup.okio:okio:1.15.0 * [CVE-2023-3635](https://www.mend.io/vulnerability-database/CVE-2023-3635?utm_source=JetBrains) 5.9 Incorrect Conversion between Numeric Types Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)

Vulnerable declared dependency: netty-socketio-core/pom.xml#L152

Vulnerable declared dependency: netty-socketio-spring-boot-starter/pom.xml#L51

Provides transitive vulnerable dependency maven:com.squareup.okhttp3:okhttp:3.12.12 * [CVE-2023-0833](https://www.mend.io/vulnerability-database/CVE-2023-0833?utm_source=JetBrains) 4.7 Generation of Error Message Containing Sensitive Information Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)

Vulnerable declared dependency: netty-socketio-core/pom.xml#L152

Vulnerable declared dependency: netty-socketio-micronaut/pom.xml#L85

Vulnerable declared dependency: netty-socketio-core/pom.xml#L77

Dependency maven:com.hazelcast:hazelcast:5.2.5 is vulnerable , safe version 5.3.5 * [CVE-2023-33264](https://www.mend.io/vulnerability-database/CVE-2023-33264?utm_source=JetBrains) 4.3 Insufficiently Protected Credentials Results powered by [Mend.io](https://www.mend.io/jetbrains-lp/?utm_source=JetBrains)

Vulnerable declared dependency: netty-socketio-micronaut/pom.xml#L85

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Code Quality: Push on main #651

Summary

Code Quality: Push on main #651

Uh oh!

codeql

Annotations