[x] I have checked that the SDK documentation doesn't solve my issue.
[x] I have checked that the API documentation doesn't solve my issue.
[x] I have searched the Box Developer Forums and my issue isn't already reported (or if it has been reported, I have attached a link to it, for reference).
[x] I have searched Issues in this repo and my issue isn't already reported.
Description of the Issue
In com.squareup.okhttp3:okhttp:4.10.0, there is a transitive dependency OkIo that has a high security vulnerability (7.5) . OkiO has this vulnerability in versions < 3.4.0. This is fixed in okhttp upgrade in com.squareup.okhttp3:okhttp:4.12.0.
Description of the Issue
In com.squareup.okhttp3:okhttp:4.10.0, there is a transitive dependency OkIo that has a high security vulnerability (7.5) . OkiO has this vulnerability in versions < 3.4.0. This is fixed in okhttp upgrade in com.squareup.okhttp3:okhttp:4.12.0.
CVE for OkiO: https://nvd.nist.gov/vuln/detail/CVE-2023-3635
Steps to Reproduce
Expected Behavior
Expect that com.squareup.okhttp3:okhttp is upgraded to version 4.12.0
Error Message, Including Stack Trace
N/A
Screenshots
N/A
Versions Used
Java SDK: Java: