dependency vulnerability with com.google.http-client and protobuf-java detected
26 views
Skip to first unread message
alexis gayte
Apr 1, 2025, 9:11:42 AMApr 1
to tink-users
Current version has a dependency vulnerability with com.google.http-client and protobuf-java.
from :
com.google.crypto.tink:tink:1.13.0
com.google.protobuf:protobuf-java:3.25.1
https://mvnrepository.com/artifact/com.google.protobuf/protobuf-java/3.25.1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7254
and from
com.google.http-client:google-http-client:1.43.3
com.google.guava:guava:30.1.1-android
https://mvnrepository.com/artifact/com.google.guava/guava/30.1.1-android
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2976
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908
Reply all
Reply to author
Forward
0 new messages