Update apollo graphQL 3.X to use com.squareup.okio:okio:3.9.0 #5867
Labels
🐛 Type: Bug
✔️ Fixed in SNAPSHOTs
The fix has been merged and is available in SNAPSHOTs, and will be available in the next release
Version
3.8.3
Summary
Currently apolllo runtime has dependency on com.squareup.okio:okio:3.2.0
That version of okio has this CVE - https://nvd.nist.gov/vuln/detail/CVE-2023-3635
Can this okio dependency updated to version 3.9.0 where this CVE is fixed?
Steps to reproduce the behavior
No response
Logs
The text was updated successfully, but these errors were encountered: