chore: upgrade testbench 8.3.2 by ZheSun88 · Pull Request #8707 · vaadin/platform

ZheSun88 · 2026-03-26T09:51:36Z

No description provided.

github-actions · 2026-03-26T13:02:35Z

Dependencies Report

🟠 Known Vulnerabilities:
- Vulnerabilities in: pkg:npm/railroad-diagrams@1.0.0 [CVE-2024-26467] (oss-bomber)
  👌 This is coming from the tools, @cyclonedx/cyclonedx-npm, we have used for sbom module, FP for us.
  ·
  - Vulnerabilities in: pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.2 [CVE-2023-35116] (owasp)
    👌 based on the issue this is not a CVE Stack overflow error caused by serialization of Map with cyclic dependency -- NOT CVE FasterXML/jackson-databind#3972
    · cpe:2.3:a:fasterxml:jackson-databind::::::::
🚫 Vulnerabilities:
- Vulnerabilities in: pkg:maven/com.fasterxml.jackson.core/jackson-core@2.14.2 [GHSA-72hv-8253-57qq, CVE-2025-52999] (osv-bomber,osv-scan)
  ·
  - Vulnerabilities in: pkg:maven/com.nimbusds/nimbus-jose-jwt@9.37.3 [CVE-2025-53864] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.apache.poi/poi-ooxml@5.2.3 [CVE-2025-31672] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.springframework/spring-websocket@5.3.32 [CVE-2025-41254] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.springframework/spring-web@5.3.32 [CVE-2024-38809, CVE-2024-22262, CVE-2024-38820, CVE-2016-1000027, CVE-2024-22259, CVE-2024-38808] (osv-bomber,osv-scan,owasp)
    ·
    · cpe:2.3:a:vmware:spring_framework::::::::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
    · cpe:2.3:a:netapp:oncommand_insight:-:::::::*
  - Vulnerabilities in: pkg:maven/org.springframework/spring-core@5.3.32 [CVE-2025-41249, CVE-2024-22259, CVE-2024-38820, CVE-2024-38808] (osv-bomber,osv-scan,owasp)
    ·
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
    · cpe:2.3:a:vmware:spring_framework::::::::
    · cpe:2.3:a:netapp:oncommand_insight:-:::::::*
  - Vulnerabilities in: pkg:maven/org.springframework/spring-webmvc@5.3.32 [CVE-2026-22737, CVE-2026-22735, CVE-2024-38816, CVE-2024-38819, CVE-2025-41242, CVE-2024-38828] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.springframework/spring-context@5.3.32 [CVE-2024-38820, CVE-2025-22233] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.springframework/spring-expression@5.3.32 [CVE-2024-38808] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.104 [CVE-2025-53506, CVE-2025-49124, CVE-2025-66614, CVE-2025-48989, CVE-2025-46701, CVE-2025-48988, CVE-2025-61795, CVE-2026-24734, CVE-2026-24733, CVE-2025-55754, CVE-2025-49125, CVE-2025-55752, CVE-2025-52520, BIT-tomcat-2025-53506, BIT-tomcat-2025-49124, BIT-tomcat-2025-66614, BIT-tomcat-2025-48989, BIT-tomcat-2025-46701, BIT-tomcat-2025-48988, BIT-tomcat-2025-61795, BIT-tomcat-2026-24734, BIT-tomcat-2026-24733, BIT-tomcat-2025-55754, BIT-tomcat-2025-49125, BIT-tomcat-2025-55752, BIT-tomcat-2025-52520, CVE-2025-52434, CVE-2025-55668] (osv-bomber,osv-scan,owasp)
    · cpe:2.3:a:apache:tomcat::::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone1::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone10::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone11::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone12::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone13::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone14::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone15::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone16::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone17::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone18::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone19::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone2::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone20::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone21::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone22::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone23::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone24::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone25::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone26::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone27::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone3::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone4::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone5::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone6::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone7::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone8::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:milestone9::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone1::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone10::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone11::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone12::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone13::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone14::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone15::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone16::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone17::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone18::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone19::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone2::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone20::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone3::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone4::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone5::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone6::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone7::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone8::::::
    · cpe:2.3:a:apache:tomcat:10.1.0:milestone9::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone1::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone10::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone11::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone12::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone13::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone14::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone15::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone16::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone17::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone18::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone19::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone2::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone20::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone21::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone22::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone23::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone24::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone25::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone26::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone3::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone4::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone5::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone6::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone7::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone8::::::
    · cpe:2.3:a:apache:tomcat:11.0.0:milestone9::::::
    · cpe:2.3:a:apache:tomcat_native::::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone1::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone10::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone2::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone3::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone4::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone5::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone6::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone7::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone8::::::
    · cpe:2.3:a:apache:tomcat:10.0.0:milestone9::::::
    · cpe:2.3:a:apache:tomcat:9.0.0:-::::::
    ·
  - Vulnerabilities in: pkg:maven/ch.qos.logback/logback-core@1.2.13 [CVE-2025-11226, CVE-2024-12801, CVE-2024-12798, CVE-2026-1225] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.springframework.boot/spring-boot@2.7.18 [CVE-2025-22235] (osv-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:npm/vite@3.2.11 [CVE-2025-32395, CVE-2025-31125, CVE-2025-46565, CVE-2025-62522, CVE-2025-58751, CVE-2025-58752, CVE-2025-24010, CVE-2025-30208, CVE-2025-31486] (osv-bomber,oss-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:npm/path-to-regexp@2.4.0 [CVE-2024-45296] (osv-bomber,oss-bomber,osv-scan)
    ·
  - Vulnerabilities in: pkg:npm/esbuild@0.15.18 [GHSA-67mh-4wv8-2f99] (osv-bomber)
    ·
  - Vulnerabilities in: pkg:npm/serialize-javascript@4.0.0 [GHSA-5c6j-r48x-rmvq] (osv-bomber)
    ·
  - Vulnerabilities in: pkg:npm/libxmljs2@0.37.0 [CVE-2024-34393, CVE-2024-34394] (oss-bomber)
    ·
  - Vulnerabilities in: pkg:maven/tools.jackson.core/jackson-core@2.14.2 [] ()
    ·
  - Vulnerabilities in: pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.104 [BIT-tomcat-2025-53506, CVE-2025-53506, BIT-tomcat-2025-48989, CVE-2025-48989, BIT-tomcat-2026-24734, CVE-2026-24734] (osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.apache.tomcat/tomcat@9.0.104 [BIT-tomcat-2025-49124, CVE-2025-49124, BIT-tomcat-2025-66614, CVE-2025-66614, BIT-tomcat-2025-61795, CVE-2025-61795, BIT-tomcat-2026-24733, CVE-2026-24733, BIT-tomcat-2025-55754, CVE-2025-55754, BIT-tomcat-2025-55752, CVE-2025-55752] (osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.apache.tomcat/tomcat-catalina@9.0.104 [BIT-tomcat-2025-49124, CVE-2025-49124, BIT-tomcat-2025-66614, CVE-2025-66614, BIT-tomcat-2025-46701, CVE-2025-46701, BIT-tomcat-2025-48988, CVE-2025-48988, BIT-tomcat-2025-61795, CVE-2025-61795, BIT-tomcat-2026-24733, CVE-2026-24733, BIT-tomcat-2025-55754, CVE-2025-55754, BIT-tomcat-2025-49125, CVE-2025-49125, BIT-tomcat-2025-55752, CVE-2025-55752, BIT-tomcat-2025-52520, CVE-2025-52520] (osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.springframework/spring-webflux@5.3.32 [CVE-2026-22737, CVE-2026-22735, CVE-2024-38816, CVE-2024-38819] (osv-scan)
    ·
  - Vulnerabilities in: pkg:maven/org.apache.poi/poi@5.2.3 [CVE-2025-31672] (owasp)
    · cpe:2.3:a:apache:poi::::::::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
    · cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::
🟠 Changes in 23.7-SNAPSHOT since V23.7.0-beta1
- 163 packages modified (47 external, 116 vaadin)
- 642 packages same (582 external, 60 vaadin)

[Click for more Details]

chore: upgrade testbench 8.3.2

e757790

ZheSun88 merged commit 067b268 into 23.7 Mar 27, 2026
3 of 4 checks passed

ZheSun88 deleted the ZheSun88-patch-16 branch March 27, 2026 06:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore: upgrade testbench 8.3.2#8707

chore: upgrade testbench 8.3.2#8707
ZheSun88 merged 1 commit into23.7from
ZheSun88-patch-16

ZheSun88 commented Mar 26, 2026

Uh oh!

github-actions bot commented Mar 26, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

ZheSun88 commented Mar 26, 2026

Uh oh!

github-actions bot commented Mar 26, 2026

Dependencies Report

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant