This repository was archived by the owner on Mar 30, 2022. It is now read-only.
This repository was archived by the owner on Mar 30, 2022. It is now read-only.
CVE After upgrading to 1.7.7.1 #143
Description
Hi all,
We are running a OWSAP dependency checker and got the following CVE
CVE-2022-23635 -> CWE-287
| Location | Component Name | Component Version | Group |
|---|---|---|---|
| istio-model-1.7.7.1 | me.snowdrop:istio-model | 1.7.7.1 | N |
-
Is https://mvnrepository.com/artifact/me.snowdrop/istio-client/1.7.7.1 EOL ? Is that why there are no new versions have been released since Feb 2021?
-
When does me.snowdrop/istio-client is planning to release a new version that has the fix for CVE-2022-23635 ?
Please review my above query and a quick response is highly appreciated.
Thank you.