search

TBD54566975 / web5-kt

Apache License 2.0
7 stars 9 forks source link

Sec Vuln: com.google.guava:guava@31.0.1-android #243

Closed ALRubinger closed 5 months ago

ALRubinger commented 5 months ago

From https://github.com/TBD54566975/web5-kt/actions/runs/7896482454/job/21550530043:

⚑ Critical vulnerability detected on com.google.guava:guava@31.0.1-android
  CVE ID: CVE-2023-2976
  Fixed in: 32.0.0-android

Force resolution to recommended; test this doesn't introduce other issues in the testsuite.

ALRubinger commented 5 months ago

Confirmed before: 

./gradlew -q dependencyInsight --dependency com.google.guava:guava --configuration tRC -p credentials
com.google.guava:guava:31.0.1-android