dependency vulnerability with com.google.http-client detected
10 views
Skip to first unread message
alexis gayte
Apr 28, 2025, 8:46:19 AMApr 28
to tink-users
Current version 1.12.2 has a dependency vulnerability with com.google.http-client
from :
com.google.http-client:google-http-client:1.46.3
https://mvnrepository.com/artifact/com.google.http-client/google-http-client/1.46.3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2976
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908
alexis gayte
Sep 4, 2025, 3:41:00 AM (3 days ago) Sep 4
to tink-users
Hi Here,
google-http-java-client has been upgraded to version 2.0.0 to fix these vulnerabilities, (https://github.com/googleapis/google-http-java-client). Is it possible to upgrade apps-paymentmethodtoken dependency on it?
google-http-java-client has been upgraded to version 2.0.0 to fix these vulnerabilities, (https://github.com/googleapis/google-http-java-client). Is it possible to upgrade apps-paymentmethodtoken dependency on it?
Regards,
Alexis GAYTE
Reply all
Reply to author
Forward
0 new messages