Closed g2vinay closed 2 years ago
The oauth2-oidc-sdk:9.4 being used by adal4j has the following vulnerability coming in from json-smart dependency.
The adal4j library needs to update the oauth2-oidc-sdk to version 9.20 (the latest) that has this CVE issue resolved.
This issue is impacting our customers. Let us know as soon as the patch release is out with updated dependencies.
The oauth2-oidc-sdk:9.4 being used by adal4j has the following vulnerability coming in from json-smart dependency.
The adal4j library needs to update the oauth2-oidc-sdk to version 9.20 (the latest) that has this CVE issue resolved.
This issue is impacting our customers. Let us know as soon as the patch release is out with updated dependencies.