Giters

google / data-transfer-project

The Data Transfer Project makes it easy for people to transfer their data between online service providers. We are establishing a common framework, including data models and protocols, to enable direct transfer of data both into and out of participating online service providers.

Home Page:http://datatransferproject.dev

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

There is a vulnerability in Nimbus-JOSE-JWT 5.14,upgrade recommended

QiAnXinCodeSafe opened this issue · comments

commented

data-transfer-project/extensions/security/portability-security-jwe/build.gradle

Line 23 in ef53a7e

compile group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '5.14'

CVE-2019-17195 CVE-2022-21449 CVE-2022-21434

Recommended upgrade version:9.21.1