CVE-2018-10237 affecting SJC

symphonyoss / symphony-java-client

Java client library for Symphony

Apache License 2.0

34 stars 37 forks source link

Open pmonks opened 4 years ago

pmonks commented 4 years ago

CVE-2018-10237 has been raised against guava v20.0.

Although it's not a direct dependency, SJC transitively depends on guava v20.0 via swagger-core v1.5.16.