When we run the checker on the project we get the following libraries flagged up which are from the 3.0.2 azure-eventhubs client.
group: 'com.microsoft.azure', name: 'azure-eventhubs', version: '3.0.2'
Issues:
nimbus-jose-jwt-6.0.1.jar (pkg:maven/com.nimbusds/nimbus-jose-jwt@6.0.1, cpe:2.3:a:connect2id:nimbus_jose\+jwt:6.0.1:*:*:*:*:*:*:*) : CVE-2019-17195
guava-20.0.jar (pkg:maven/com.google.guava/guava@20.0, cpe:2.3:a:google:guava:20.0:*:*:*:*:*:*:*) : CVE-2018-10237
adapter-rxjava-2.4.0.jar (pkg:maven/com.squareup.retrofit2/adapter-rxjava@2.4.0, cpe:2.3:a:squareup:retrofit:2.4.0:*:*:*:*:*:*:*) : CVE-2018-1000844, CVE-2018-1000850
Can we have an update on these dependencies please?
When we run the checker on the project we get the following libraries flagged up which are from the 3.0.2 azure-eventhubs client.
group: 'com.microsoft.azure', name: 'azure-eventhubs', version: '3.0.2'
Issues:
Can we have an update on these dependencies please?