upgrade door dependency to 1.7.0
Activity
requested review from @rwbackx
assigned to @hpage
Henry Page, this merge request has policy violations and errors. To unblock this merge request, fix these items:
- Resolve all violations in the following merge request approval policies: Security check. If you think these items shouldn't be violations, ask eligible approvers of each policy to approve this merge request.
Violations blocking this merge request
This merge request introduces these violations:
- High · Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. · build.gradle.kts (Dependency scanning)
- Critical · Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT · build.gradle.kts (Dependency scanning)
- High · Deserialization of Untrusted Data · build.gradle.kts (Dependency scanning)
- Critical · Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability · build.gradle.kts (Dependency scanning)
- High · SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine · build.gradle.kts (Dependency scanning)
- High · Bouncy Castle crafted signature and public key can be used to trigger an infinite loop · build.gradle.kts (Dependency scanning)
- High · Bouncy Castle Java Cryptography API vulnerable to DNS poisoning · build.gradle.kts (Dependency scanning)
- High · jose4j uses weak cryptographic algorithm · build.gradle.kts (Dependency scanning)
- High · Netplex Json-smart Uncontrolled Recursion vulnerability · build.gradle.kts (Dependency scanning)
- High · Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. · build.gradle.kts (Dependency scanning)
More violations have been detected in addition to the list above.
Edited by GitLab Security Bot
started a merge train
mentioned in commit 00656382