I am using Java duo-universal-sdk v1.1.3 and getting vulnerabilities reported from dependencies.
Vulnerabilities I get reported in IntelliJ, and with syft/grype are:
com.fasterxml.jackson.core:jackson-core:2.3.2
com.fasterxml.jackson.core:jackson-databind:2.3.2
com.squareup.okhttp3:okhttp:3.14.19
com.squareup.okio:okio:1.17.2
Can you please investigate?
I am using Java duo-universal-sdk v1.1.3 and getting vulnerabilities reported from dependencies.
Vulnerabilities I get reported in IntelliJ, and with syft/grype are:
com.fasterxml.jackson.core:jackson-core:2.3.2
com.fasterxml.jackson.core:jackson-databind:2.3.2
com.squareup.okhttp3:okhttp:3.14.19
com.squareup.okio:okio:1.17.2
Can you please investigate?