cb372 / scalacache

Simple caching in Scala
https://cb372.github.io/scalacache/

scalacache-guava 0.28.0 contains a security threat #440

Open maciejwitwicki opened 3 years ago

maciejwitwicki commented 3 years ago

Hi,

There is a known vulnerability found in guava 0.28-jre, which is used by the latest scalacache-guava .28.0. The Guava version should be bumped to get rid of that threat.

Do you plan to bump the scalacache-guava version anytime soon?

Link to the vulnerability details: SNYK-JAVA-COMGOOGLEGUAVA-1015415

Best regards,
Maciej

lewisjkl commented 3 years ago

Thank you for reporting this. We will definitely get this addressed in our next release. In the meantime, would you benefit from a patch release updating this?

naphelps commented 2 years ago

Hello, I am a project maintainer for a project called Open Horizon (https://github.com/open-horizon). We have a component project that uses Guava as part of Scala Cache and we would benefit from either a patch release fixing this vulnerability or a stable 1.0.0 release that we can update to.