tommysitu
commented
2 years ago I think the latest version is already using 4.9.3: https://github.com/SpectoLabs/hoverfly-java/blob/master/build.gradle#L34
Closed mjiderhamn closed 2 years ago
tommysitu
commented
2 years ago I think the latest version is already using 4.9.3: https://github.com/SpectoLabs/hoverfly-java/blob/master/build.gradle#L34
mjiderhamn
commented
2 years ago Indeed. Must be something in my dependencyManagement that overrides this. Sorry about that!
Is your feature request related to a problem? Please describe. okhttp is affected by CVE CVE-2021-0341. It has been fixed in 4.9.1, but does not seem to have been backported to 3.x.
Describe the solution you'd like Please upgrade okhttp to 4.x.