hydra-client-java icon indicating copy to clipboard operation
hydra-client-java copied to clipboard
verified publisher icon ory

Updated pom.xml by Safer

Open safer-bot opened this issue 7 months ago • 3 comments

This PR was automatically created by Safer, an open-source tool that updates vulnerable dependencies with compatible and more secure versions.

Analyzed commit: 26b02da1ce321d0e7cae5fe950c7d269df5ec0bc File updated: pom.xml Vulnerabilities reduced: 6 -> 2

Let us know if you have questions.

Thanks, Safer Bot

safer-bot avatar Jul 16 '25 10:07 safer-bot

See details in issue #23

safer-bot avatar Jul 16 '25 10:07 safer-bot

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Jul 16 '25 10:07 CLAassistant

It would be great to see this patch merged. The lib is using an unpatched dependency (okhttp 4.11, dependent of okio-jvm 3.2 with a CVE)

nantoniazzi avatar Aug 07 '25 09:08 nantoniazzi