Hi all, We are running a OWSAP dependency checker and got the following CVE CVE-2022-23635 -> CWE-287 | Location | Component Name | Component Version | Group | | --- | --- | --- | --- | | istio-model-1.7.7.1 | me.snowdrop:istio-model | 1.7.7.1 | N | 1. Is https://mvnrepository.com/artifact/me.snowdrop/istio-client/1.7.7.1 EOL ? Is that why there are no new versions have been released since Feb 2021? 2. When does me.snowdrop/istio-client is planning to release a new version that has the fix for CVE-2022-23635 ? Please review my above query and a quick response is highly appreciated. Thank you.
Hi all,
We are running a OWSAP dependency checker and got the following CVE
CVE-2022-23635 -> CWE-287
Is https://mvnrepository.com/artifact/me.snowdrop/istio-client/1.7.7.1 EOL ? Is that why there are no new versions have been released since Feb 2021?
When does me.snowdrop/istio-client is planning to release a new version that has the fix for CVE-2022-23635 ?
Please review my above query and a quick response is highly appreciated.
Thank you.