istio-java-api
istio-java-api copied to clipboard
CVE After upgrading to 1.7.7.1
Hi all, We are running a OWSAP dependency checker and got the following CVE
CVE-2022-23635 -> CWE-287
Location | Component Name | Component Version | Group |
---|---|---|---|
istio-model-1.7.7.1 | me.snowdrop:istio-model | 1.7.7.1 | N |
-
Is https://mvnrepository.com/artifact/me.snowdrop/istio-client/1.7.7.1 EOL ? Is that why there are no new versions have been released since Feb 2021?
-
When does me.snowdrop/istio-client is planning to release a new version that has the fix for CVE-2022-23635 ?
Please review my above query and a quick response is highly appreciated.
Thank you.