Closed kevin-ewing closed 3 months ago
Fixed by 0de2499e116c7f9fe1b9f3751891dcc86994eb1e. Thanks!
@joelittlejohn The issue still persists in com.amazonaws/aws-java-sdk-dynamodb "1.12.581"
through com.taoensso:faraday@1.12.1 > com.amazonaws:aws-java-sdk-dynamodb@1.12.581 > com.amazonaws:aws-java-sdk-core@1.12.581 > software.amazon.ion:ion-java@1.0.2.
Oh thanks, sorry my mistake. I managed to miss this via lein deps :tree
:facepalming: Let me sort his out.
@kevin-ewing Fixed with 1.12.2 (47dfdef607e697844768b0605ec12657386a20dc).
Vulnerable path found through com.taoensso:faraday@1.12.0 > com.amazonaws:aws-java-sdk-dynamodb@1.12.410 > com.amazonaws:aws-java-sdk-core@1.12.410 > software.amazon.ion:ion-java@1.0.2
CVE Record Snyk Report