When we run the checker on the project we get the following libraries flagged up which are from the 3.0.2 azure-eventhubs client.
group: 'com.microsoft.azure', name: 'azure-eventhubs', version: '3.0.2'
Issues:
nimbus-jose-jwt-6.0.1.jar (pkg:maven/com.nimbusds/[email protected], cpe:2.3:a:connect2id:nimbus_jose\+jwt:6.0.1:*:*:*:*:*:*:*) : CVE-2019-17195
guava-20.0.jar (pkg:maven/com.google.guava/[email protected], cpe:2.3:a:google:guava:20.0:*:*:*:*:*:*:*) : CVE-2018-10237
adapter-rxjava-2.4.0.jar (pkg:maven/com.squareup.retrofit2/[email protected], cpe:2.3:a:squareup:retrofit:2.4.0:*:*:*:*:*:*:*) : CVE-2018-1000844, CVE-2018-1000850
Can we have an update on these dependencies please?
When we run the checker on the project we get the following libraries flagged up which are from the 3.0.2 azure-eventhubs client.
group: 'com.microsoft.azure', name: 'azure-eventhubs', version: '3.0.2'
Issues:
Can we have an update on these dependencies please?