Closed saarthakgupta closed 4 years ago
Hi @saarthakgupta :wave:
Thank you for bringing this to our attention. Luckily, this issue was addressed last year and our team is working on getting the CVE updated now. If you have further questions, feel free to reach out here or on our support line at support@imgix.com.
Hello,
There is a published CVE in the Java SDK affecting the latest version too. The CVE is
https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Aimgix&cpe_product=cpe%3A%2F%3Aimgix%3Aimgix&cpe_version=cpe%3A%2F%3Aimgix%3Aimgix%3A2.3.0
Also attched is the screengrab from my development machine detailing the CVE.
Are there any plans to fix this in a future update ?
Thank you for your attention.