Vulnerabilities from dependencies: CVE-2023-2976 CVE-2020-8908 #2016
Labels
priority: p2
Moderately-important priority. Fix may not be included in next release.
type: bug
Error or flaw in code with unintended results or allowing sub-optimal usage patterns.
Comments
|
Upgrading Guava is currently blocked on maintaining Java 7 support. Marking this ticket for discussion. |
burkedavison
added
type: bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for stopping by to let us know something could be better!
Summary:
The
google-http-clientversion 1.45.0 has known vulnerabilities due to dependencies. Specifically:Impact:
These vulnerabilities may raise security issue
Steps to Reproduce:
Suggested Fix:
1.45.0 is the latest version
Additional Information:
Making sure to follow these steps will guarantee the quickest resolution possible.
Thanks!
Venkateswari
The text was updated successfully, but these errors were encountered: