You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a known vulnerability found in the guava 0.28-jre which is used by the latest scalacache-guava .28.0.
Guava version should be bumped to get rid of that threat.
Do you plan to bump the scalacache-guava version anytime soon?
Thank you for reporting this. We will definitely get this addressed in our next release. In the meantime, would you benefit from a patch release updating this?
Hello, I am a project maintainer for a project called Open Horizon (https://github.com/open-horizon). We have a component project that uses Guava as part of Scala Cache and we would benefit from either a patch release fixing this vulnerability or a stable 1.0.0 release that we can update to.
Hi,
There is a known vulnerability found in the guava 0.28-jre which is used by the latest scalacache-guava .28.0.
Guava version should be bumped to get rid of that threat.
Do you plan to bump the scalacache-guava version anytime soon?
Link to the vulnerability details: SNYK-JAVA-COMGOOGLEGUAVA-1015415
Best regards
Maciej
The text was updated successfully, but these errors were encountered: