Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security vulnerability CVE-2020-29582 #685

Open
5 tasks done
pdodds opened this issue Jan 6, 2025 · 0 comments
Open
5 tasks done

Security vulnerability CVE-2020-29582 #685

pdodds opened this issue Jan 6, 2025 · 0 comments
Labels
bug This points to a verified bug in the code

Comments

@pdodds
Copy link

pdodds commented Jan 6, 2025

Checklist

  • I have looked into the Readme and Examples, and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Description

We are currently tracking an issue based on the use of Auth0 in a Java application - see https://nvd.nist.gov/vuln/detail/cve-2020-29582

Are you planning to resolve the dependency version, I assume this might be linked to changing the OKHttp version?

Reproduction

  • Add Auth0 as dependency in Maven

Additional context

No response

auth0-java version

2.15

Java version

21
@pdodds pdodds added the bug This points to a verified bug in the code label Jan 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This points to a verified bug in the code
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pdodds